官方安装文档https://docs.graylog.org/v1/docs/centos.
#安装jdk
sudo yum install java-1.8.0-openjdk-headless.x86_64pwgen
sudo yum install epel-release sudo yum install pwgen.MongoDB
# 在 /etc/yum.repos.d/目录下创建mongodb-org.repo文件 vi /etc/yum.repos.d/mongodb-org.repo ####################文件开头######################## [mongodb-org-4.2] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.2/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc ####################文件结尾######################## #安装最新的mongodb-org sudo yum install mongodb-org #设置开机启动 sudo systemctl daemon-reload sudo systemctl enable mongod.service sudo systemctl start mongod.service sudo systemctl --type=service --state=active | grep mongodElasticsearch
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch vi /etc/yum.repos.d/elasticsearch.repo ####################文件开头######################## [elasticsearch-7.x] name=Elasticsearch repository for 7.x packages baseurl=https://artifacts.elastic.co/packages/oss-7.x/yum gpgcheck=1 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch enabled=1 autorefresh=1 type=rpm-md ####################文件结尾######################## sudo yum install elasticsearch-oss. #修改elasticsearch.yml vi /etc/elasticsearch/elasticsearch.yml #在 elasticsearch.yml 文件末尾追加 内容 sudo tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <GRAYLOG sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-4.2-repository_latest.rpm #安装graylog-server和插件 sudo yum install graylog-server graylog-enterprise-plugins graylog-integrations-plugins graylog-enterprise-integrations-plugins #或者只安装graylog-server sudo yum install graylog-server #编辑配置文件 /etc/graylog/server/server.conf 添加password_secret和root_password_sha2 ,否则无法正常运行 修改配置, password_secret和root_password_sha2是必须的,不设置则无法启动,设置方法如下: # 修改配置 vim /etc/graylog/server/server.conf ---------------------------------文件开头---------------------------------------- # passworde_secret可以通过命令:pwgen -N 1 -s 96 来随机生成,下面就是我随机生成的 password_secret = 6Z06fZHU2DwuOf9X8fhnvphCd3OM7oqwLECRRcejvjpieSvVtwu08yHYHIKDi56bAxRvtCOZ3xKKiBqyt00XYCgVa0oETB0L # admin用户密码生成命令:echo -n yourpassword | sha256sum # 生成后,请记住你的 YourPassword root_password_sha2 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # admin用户邮箱 root_email = "root@example.com" # 时区 root_timezone = Asia/Shanghai # elasticsearch 相关配置 elasticsearch_hosts = http://127.0.0.1:9200 elasticsearch_shards =1 elasticsearch_replicas = 0 # mongodb 连接配置,这里直接本机起的mongodb,没有设置验证 mongodb_uri = mongodb://localhost/graylog # 电子邮件smtp,设置为自己的邮箱smtp服务 transport_email_enabled = true transport_email_hostname = smtp.exmail.qq.com transport_email_port = 465 transport_email_use_auth = true transport_email_use_tls = false transport_email_use_ssl = true transport_email_auth_username = root@example.com transport_email_auth_password = 123456 transport_email_subject_prefix = [graylog] transport_email_from_email = root@example.com transport_email_web_interface_url = http://graylog.example.com # 网络访问相关,重要,graylog3比2.x版本简洁了很多网络配置,只需配置http_bind_address即可。 http_bind_address = 0.0.0.0:9000 # 配置外网地址,我这里用了域名+nginx做反向代理,所以外网地址如下。没有的话就直接就用外网ip+port,如:http://外网ip:9000/ http_publish_uri = http://graylog.example.com/ # http_external_uri = http://graylog.example.com/ 单节点的话,此配置不需要配置,默认使用http_publish_uri ---------------------------------文件结尾---------------------------------------- #设置开机启动 sudo systemctl daemon-reload sudo systemctl enable graylog-server.service sudo systemctl start graylog-server.service sudo systemctl --type=service --state=active | grep graylog
