- If elasticsearch is already installed, then OpenJDK already installed.
You can check OpenJDK version by below command,
java -version
It shows below output,
openjdk version "11.0.8" 2020-07-14 OpenJDK Runtime Environment (build 11.0.8+10-post-Ubuntu-0ubuntu120.04) OpenJDK 64-Bit Server VM (build 11.0.8+10-post-Ubuntu-0ubuntu120.04, mixed mode, sharing)
- If elasticsearch is not installed, follow this blog to install elasticsearch
Install Elasticsearch in Ubuntu 20.04
Then Ctrl+x, press “y” to save.
- Install Mongodb
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4 echo "deb [ arch=amd64 ] <https://repo.mongodb.org/apt/ubuntu> bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list sudo apt-get update sudo apt-get install -y mongodb-org
Enable mongodb during os startup,
sudo systemctl daemon-reload sudo systemctl enable mongod.service sudo systemctl restart mongod.service
Check if mongodb running,
sudo systemctl --type=service --state=active | grep mongod
It should show below output,
mongod.service loaded active running MongoDB Database Server
- Install greylog,
wget <https://packages.graylog2.org/repo/packages/graylog-3.3-repository_latest.deb> sudo dpkg -i graylog-3.2-repository_latest.deb sudo apt-get update && sudo apt-get install graylog-server
Start greylog,
sudo systemctl enable graylog-server.service sudo systemctl start graylog-server.service
- You must set a secret that is used for password encryption.
pwgen -N 1 -s 96
If pwgen is not already installed, install it as below,
sudo apt install pwgen
you will get something like this,
V5kGYOFvauEcuSt0qRiCbOP1ZIRSekpMsCSMz8SyWCa1RFRTsEGM7JTkkvuk5S0a9C4eTW4AOpPpWSDlWiWwj3SHmloa7k8E
Edit server.conf file and place the secret in password_secret =
sudo nano /etc/graylog/server/server.conf
password_secret = V5kGYOFvauEcuSt0qRiCbOP1ZIRSekpMsCSMz8SyWCa1RFRTsEGM7JTkkvuk5S0a9C4eTW4AOpPpWSDlWiWwj3SHmloa7k8E
- Now generate a hash (sha256) password for the admin user of graylog.
Replace “Password” with your own password.
echo -n Password | sha256sum
Output:
e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a -
Add this sha256 password in “root_password_sha2” of server.conf file.
sudo nano /etc/graylog/server/server.conf
root_password_sha2 = e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a -
- Set greylog web interface
sudo nano /etc/graylog/server/server.conf
Uncomment
http_bind_address = 127.0.0.1:9000 root_email = "admin@example.com"
- Start and enable the Graylog service.
sudo systemctl restart graylog-server
Access greylog using 127.0.0.1:9000
Login username will be “admin” and password willbe the password which you configured at root_password_sha2 in the server.conf file.
Referencesâž–
https://docs.graylog.org/en/3.2/pages/installation/os/ubuntu.html
https://docs.graylog.org/en/3.2/pages/installation/manual_setup.html
