Install Graylog in Ubuntu 20.04

  1. If elasticsearch is already installed, then OpenJDK already installed.

You can check OpenJDK version by below command,

java -version

It shows below output,

openjdk version "11.0.8" 2020-07-14
OpenJDK Runtime Environment (build 11.0.8+10-post-Ubuntu-0ubuntu120.04)
OpenJDK 64-Bit Server VM (build 11.0.8+10-post-Ubuntu-0ubuntu120.04, mixed mode, sharing)
  1. If elasticsearch is not installed, follow this blog to install elasticsearch

Install Elasticsearch in Ubuntu 20.04

Then Ctrl+x, press “y” to save.

  1. Install Mongodb
sudo apt-key adv --keyserver hkp:// --recv 9DA31620334BD75D9DCB49F368818C72E52529D4
echo "deb [ arch=amd64 ] <> bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org

Enable mongodb during os startup,

sudo systemctl daemon-reload
sudo systemctl enable mongod.service
sudo systemctl restart mongod.service

Check if mongodb running,

sudo systemctl --type=service --state=active | grep mongod

It should show below output,

mongod.service                                                                            loaded active running MongoDB Database Server
  1. Install greylog,
wget <>
sudo dpkg -i graylog-3.2-repository_latest.deb
sudo apt-get update && sudo apt-get install graylog-server

Start greylog,

sudo systemctl enable graylog-server.service
sudo systemctl start graylog-server.service
  1. You must set a secret that is used for password encryption.
pwgen -N 1 -s 96

If pwgen is not already installed, install it as below,

sudo apt install pwgen

you will get something like this,


Edit server.conf file and place the secret in password_secret =

sudo nano /etc/graylog/server/server.conf
password_secret = V5kGYOFvauEcuSt0qRiCbOP1ZIRSekpMsCSMz8SyWCa1RFRTsEGM7JTkkvuk5S0a9C4eTW4AOpPpWSDlWiWwj3SHmloa7k8E
  1. Now generate a hash (sha256) password for the admin user of graylog.

Replace “Password” with your own password.

echo -n Password | sha256sum


e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a  -

Add this sha256 password in “root_password_sha2” of server.conf file.

sudo nano /etc/graylog/server/server.conf
root_password_sha2 = e7cf3ef4f17c3999a94f2c6f612e8a888e5b1026878e4e19398b23bd38ec221a  -
  1. Set greylog web interface
sudo nano /etc/graylog/server/server.conf


http_bind_address =
root_email = ""
  1. Start and enable the Graylog service.
sudo systemctl restart graylog-server

Access greylog using

Login username will be “admin” and password willbe the password which you configured at root_password_sha2 in the server.conf file.




, ,



Leave a Reply

Your email address will not be published. Required fields are marked *