Graylog客户端及服务端

1.windows的graylog客户端服务状态,监听5044和9000端口,关闭或者放行5044

 

 

 

 

 2.服务端,检查如下服务状态

sudo systemctl status nginx.service

sudo systemctl status mongod.service

sudo systemctl status elasticsearch.service

sudo systemctl status graylog-server.service

 

3.设置admin密码

安装graylog仓库

rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.1-repository_latest.rpm
yum install graylog-server

安装epel仓库和pwgen软件

rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
yum install -y pwgen (后面生成密码使用)

生成password_secret密码

pwgen -N 1 -s 96

生成root_password_sha2密码

echo -n 123456 | sha256sum

修改/etc/graylog/server/server.conf配置文件,将上面生成的密码写入到对应的变量

复制代码
password_secret =
root_password_sha2 =
root_timezone = Asia/Shanghai
rest_listen_uri =  http://0.0.0.0:9000/api/
web_listen_uri = http://0.0.0.0:9000/
allow_highlighting = true (运行查询结果高亮)
elasticsearch_shards = 1 (当前只安装了一个elasticsearch)
elasticsearch_index_prefix = graylog
复制代码
清空该用户在本机中执行过命令的历史记录:history -c
posted @ 2020-09-09 11:50  会飞的老虎  阅读(806)  评论(0编辑  收藏  举报