Skip to content

Instantly share code, notes, and snippets.

@hggh hggh/graylog2.md
Last active Apr 18, 2017

Embed
What would you like to do?
Graylog2 Debian Packages

WARNING

These packages are obsolete! Please use the official packages from http://www.Graylog2.org

=================================================

Graylog2 0.20.0 Debian packages

  • graylog2-server (Current: 0.20.6)
  • graylog2-web (Current: 0.20.6)
  • graylog2-radio Current: 0.20.6)
  • graylog2-stream-dashboard (Current: 0.90.0)

Debian Repro URL

     deb http://finja.brachium-system.net/~jonas/packages/graylog2_repro/ wheezy main

Vagrant Box available

Install Debian pre depends on your system

    apt-get install mongodb-server openjdk-7-jre-headless uuid-runtime adduser

Install Elasticsearch from Upstream

  • download

      wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-0.90.10.deb
    
      dpkg -i elasticsearch-0.90.10.deb
    
  • configuration of Elasticsearch (/etc/elasticsearch/elasticsearch.yml)

  • Add to configuration:

    • cluster.name: graylog2

Install Graylog2 Packages

  • Install GPG Key from Jonas Genannt GPG Stats

     apt-key adv --keyserver pgp.surfnet.nl --recv-keys 016CFFD0
    
  • Add Graylog2 Apt Repro:

      echo 'deb http://finja.brachium-system.net/~jonas/packages/graylog2_repro/ wheezy main' > /etc/apt/sources.list.d/graylog2.list
    
  • Install Graylog2 Packages:

      apt-get update && apt-get install graylog2-server graylog2-web
    
  • Install Graylog2 Stream Dashboard

      apt-get install graylog2-stream-dashboard
    
  • OR: manually download deb files: http://finja.brachium-system.net/~jonas/packages/graylog2/

enable init script

  • Graylog2 Server

      sed -i 's@no@yes@' /etc/default/graylog2-server
    
  • Graylog2 Webinterface

      sed -i 's@no@yes@' /etc/default/graylog2-web
    

Configuration of Graylog2

Edit /etc/graylog2/server/server.conf

change parameters, see configuration:

  • password_secret
  • root_password_sha2

Edit /etc/graylog2/web/graylog2-web-interface.conf

change parameters

start service

  • Graylog2 Server

      /etc/init.d/graylog2-server start
    
  • Graylog2 Webinterface

      /etc/init.d/graylog2-web start
    
  • Elasticsearch

      /etc/init.d/elasticsearch
    

access the web interface

http://localhost:9000/

  • Username: admin
  • Password: (see /etc/graylog2/server/server.conf)

Graylog2 official documentation

http://support.torch.sh/help/kb/graylog2-web-interface/installing-graylog2-web-interface-v0200-previewx-on-nix-systems

Source of Graylog2 packages are available

@phlegx

This comment has been minimized.

Copy link

commented Mar 17, 2014

Would this work just fine also with Ubuntu server 12.04?

@webratz

This comment has been minimized.

Copy link

commented May 8, 2014

Its working fine on Ubuntu 12.04 and also on 14.04

@MartinAyla

This comment has been minimized.

Copy link

commented May 12, 2014

Thanks for the Debian repo.

Will you update the repo with the new: v0.20.2-rc.1 ?

@slawomirlembicz

This comment has been minimized.

Copy link

commented May 28, 2014

In case GUI is reporting errors when connecting to server, uncomment the following in the server.conf:
rest_transport_uri = http://127.0.0.1:12900/

Confirmed working on Ubuntu 12.04 / 14.04

@dennusb

This comment has been minimized.

Copy link

commented Jul 16, 2014

Does this also work on CentOS? I think not?

@smarechal

This comment has been minimized.

Copy link

commented Sep 24, 2014

I tried to upgrade graylog from this repository to the new (0.90).
I can't start the graylog-server. Is there anything to know about it?

Thank you!

@hggh

This comment has been minimized.

Copy link
Owner Author

commented Sep 24, 2014

the user has changed. you need to fix manually the permissions for var/log/graylog2* and var/run

@smarechal

This comment has been minimized.

Copy link

commented Sep 24, 2014

Thanks a lot hggh :)

@smarechal

This comment has been minimized.

Copy link

commented Sep 24, 2014

Hello,

It doesn't works. I've got this message in graylog2-server logs:
ERROR [DiskJournalCache] Unable to create spool directory spool: java.nio.file.AccessDeniedException: /spool

Thank you ;)

Edit: it works well when i run it with this command:
java -Xmx512m -Djava.net.preferIPv4Stack=true -jar graylog2-server.jar -p /var/run/graylog2.pid -f /etc/graylog2/server/server.conf

Re Edit: i've modified init script to run as root ... it works but not clean.

@seth-paxton

This comment has been minimized.

Copy link

commented Oct 14, 2014

@smarechal - There is a way around this. In the latest version of the graylog2.conf file, you can specify the path to off-heap message cache data:

Directory for the off-heap message cache data. (absolute or relative)

message_cache_spool_dir = /var/spool/graylog2 #Whatever works for you here.

That way, you don't have to run the server as root.

@anmolnagpal

This comment has been minimized.

Copy link

commented May 2, 2016

It's not working anymore

W: Failed to fetch http://finja.brachium-system.net/~jonas/packages/graylog2_repro/dists/wheezy/InRelease

W: Failed to fetch http://finja.brachium-system.net/~jonas/packages/graylog2_repro/dists/wheezy/Release.gpg  Unable to connect to finja.brachium-system.net:http:

W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package graylog2-server
E: Unable to locate package graylog2-web
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.