mrlesmithjr/Graylog2_Appliance_Upgrade.sh

## Graylog2_Appliance_Upgrade.sh
#!/bin/bash
#Provided by @mrlesmithjr
#EveryThingShouldBeVirtual.com

# Graylog2 upgrade script for Ubuntu

set -e
# Setup logging
# Logs stderr and stdout to separate files.
exec 2> >(tee "./graylog2/upgrade_graylog2.err")
exec > >(tee "./graylog2/upgrade_graylog2.log")

echo "Detecting IP Address"
IPADDY="$(ifconfig | grep -A 1 'eth0' | tail -1 | cut -d ':' -f 2 | cut -d ' ' -f 1)"
echo "Detected IP Address is $IPADDY"

SERVERNAME=$IPADDY
SERVERALIAS=$IPADDY

# Stop Graylog2 Services
service graylog2-server stop
service graylog2-web-interface stop

# Remove graylog2 symlinks
rm /opt/graylog2-server
rm /opt/graylog2-web-interface

# Remove previous graylog2 server and web-interface
rm -rf /opt/graylog2-server*
rm /etc/graylog2.conf
rm -rf /opt/graylog2-web-interface*

# Download Elasticsearch, Graylog2-Server and Graylog2-Web-Interface
echo "Downloading Elasticsearch, Graylog2-Server and Graylog2-Web-Interface to /opt"
cd /opt
wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.2.0.deb
wget https://github.com/Graylog2/graylog2-server/releases/download/0.20.2/graylog2-server-0.20.2.tgz
wget https://github.com/Graylog2/graylog2-web-interface/releases/download/0.20.2/graylog2-web-interface-0.20.2.tgz

# Extract files
echo "Extracting Graylog2-Server and Graylog2-Web-Interface to /opt"
  for f in *.*gz
do
tar zxf "$f"
done

# Install elasticsearch
echo "Installing elasticsearch"
dpkg -i elasticsearch-1-2.0.deb

# Set Elasticsearch to start on boot
sudo update-rc.d elasticsearch defaults 95 10

# Create Symbolic Links
echo "Creating SymLink Graylog2-server"
ln -s graylog2-server-0.2*/ graylog2-server

# Install graylog2-server
echo "Installing graylog2-server"
cd graylog2-server/
cp /opt/graylog2-server/graylog2.conf{.example,}
mv graylog2.conf /etc/
pass_secret=$(pwgen -s 96)
sed -i -e 's|password_secret =|password_secret = '$pass_secret'|' /etc/graylog2.conf
sed -i -e "s|root_password_sha2 =|root_password_sha2 = ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f|" /etc/graylog2.conf
sed -i -e 's|elasticsearch_shards = 4|elasticsearch_shards = 1|' /etc/graylog2.conf
sed -i -e 's|mongodb_useauth = true|mongodb_useauth = false|' /etc/graylog2.conf
sed -i -e 's|#elasticsearch_discovery_zen_ping_multicast_enabled = false|elasticsearch_discovery_zen_ping_multicast_enabled = false|' /etc/graylog2.conf
sed -i -e 's|#elasticsearch_discovery_zen_ping_unicast_hosts = 192.168.1.203:9300|elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300|' /etc/graylog2.conf

# Setting new retention policy setting or Graylog2 Server will not start
sed -i 's|retention_strategy = delete|retention_strategy = close|' /etc/graylog2.conf

# Install graylog2 web interface
echo "Installing graylog2-web-interface"
cd /opt/
ln -s graylog2-web-interface-0.2*/ graylog2-web-interface

# Setting up graylog2 web interface
sed -i -e 's|graylog2-server.uris=""|graylog2-server.uris="http://127.0.0.1:12900/"|' /opt/graylog2-web-interface/conf/graylog2-web-interface.conf
app_secret=$(pwgen -s 96)
sed -i -e 's|application.secret=""|application.secret="'$app_secret'"|' /opt/graylog2-web-interface/conf/graylog2-web-interface.conf

# Fixing /opt/graylog2-web-interface Permissions
echo "Fixing Graylog2 Web Interface Permissions"
chown -R root:root /opt/graylog2*

# Cleaning up /opt
echo "Cleaning up"
rm /opt/graylog2-server*.*gz
rm /opt/graylog2-web-interface*.*gz

# Restart Services
service graylog2-server restart
service graylog2-web-interface restart

# All Done
echo "Installation has completed!!"
echo "Browse to IP address of this Graylog2 Server Used for Installation"
echo "IP Address detected from system is $IPADDY"
echo "Browse to http://$IPADDY:9000"
echo "Login with username: admin"
echo "Login with password: password123"
echo "You Entered $SERVERNAME During Install"
echo "Browse to http://$SERVERNAME:9000 If Different"
echo "EveryThingShouldBeVirtual.com"
echo "@mrlesmithjr"
	#!/bin/bash
	#Provided by @mrlesmithjr
	#EveryThingShouldBeVirtual.com

	# Graylog2 upgrade script for Ubuntu

	set -e
	# Setup logging
	# Logs stderr and stdout to separate files.
	exec 2> >(tee "./graylog2/upgrade_graylog2.err")
	exec > >(tee "./graylog2/upgrade_graylog2.log")

	echo "Detecting IP Address"
	IPADDY="$(ifconfig \| grep -A 1 'eth0' \| tail -1 \| cut -d ':' -f 2 \| cut -d ' ' -f 1)"
	echo "Detected IP Address is $IPADDY"

	SERVERNAME=$IPADDY
	SERVERALIAS=$IPADDY

	# Stop Graylog2 Services
	service graylog2-server stop
	service graylog2-web-interface stop

	# Remove graylog2 symlinks
	rm /opt/graylog2-server
	rm /opt/graylog2-web-interface

	# Remove previous graylog2 server and web-interface
	rm -rf /opt/graylog2-server*
	rm /etc/graylog2.conf
	rm -rf /opt/graylog2-web-interface*

	# Download Elasticsearch, Graylog2-Server and Graylog2-Web-Interface
	echo "Downloading Elasticsearch, Graylog2-Server and Graylog2-Web-Interface to /opt"
	cd /opt
	wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.2.0.deb
	wget https://github.com/Graylog2/graylog2-server/releases/download/0.20.2/graylog2-server-0.20.2.tgz
	wget https://github.com/Graylog2/graylog2-web-interface/releases/download/0.20.2/graylog2-web-interface-0.20.2.tgz

	# Extract files
	echo "Extracting Graylog2-Server and Graylog2-Web-Interface to /opt"
	for f in .gz
	do
	tar zxf "$f"
	done

	# Install elasticsearch
	echo "Installing elasticsearch"
	dpkg -i elasticsearch-1-2.0.deb

	# Set Elasticsearch to start on boot
	sudo update-rc.d elasticsearch defaults 95 10

	# Create Symbolic Links
	echo "Creating SymLink Graylog2-server"
	ln -s graylog2-server-0.2*/ graylog2-server

	# Install graylog2-server
	echo "Installing graylog2-server"
	cd graylog2-server/
	cp /opt/graylog2-server/graylog2.conf{.example,}
	mv graylog2.conf /etc/
	pass_secret=$(pwgen -s 96)
	sed -i -e 's\|password_secret =\|password_secret = '$pass_secret'\|' /etc/graylog2.conf
	sed -i -e "s\|root_password_sha2 =\|root_password_sha2 = ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f\|" /etc/graylog2.conf
	sed -i -e 's\|elasticsearch_shards = 4\|elasticsearch_shards = 1\|' /etc/graylog2.conf
	sed -i -e 's\|mongodb_useauth = true\|mongodb_useauth = false\|' /etc/graylog2.conf
	sed -i -e 's\|#elasticsearch_discovery_zen_ping_multicast_enabled = false\|elasticsearch_discovery_zen_ping_multicast_enabled = false\|' /etc/graylog2.conf
	sed -i -e 's\|#elasticsearch_discovery_zen_ping_unicast_hosts = 192.168.1.203:9300\|elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300\|' /etc/graylog2.conf

	# Setting new retention policy setting or Graylog2 Server will not start
	sed -i 's\|retention_strategy = delete\|retention_strategy = close\|' /etc/graylog2.conf

	# Install graylog2 web interface
	echo "Installing graylog2-web-interface"
	cd /opt/
	ln -s graylog2-web-interface-0.2*/ graylog2-web-interface

	# Setting up graylog2 web interface
	sed -i -e 's\|graylog2-server.uris=""\|graylog2-server.uris="http://127.0.0.1:12900/"\|' /opt/graylog2-web-interface/conf/graylog2-web-interface.conf
	app_secret=$(pwgen -s 96)
	sed -i -e 's\|application.secret=""\|application.secret="'$app_secret'"\|' /opt/graylog2-web-interface/conf/graylog2-web-interface.conf

	# Fixing /opt/graylog2-web-interface Permissions
	echo "Fixing Graylog2 Web Interface Permissions"
	chown -R root:root /opt/graylog2*

	# Cleaning up /opt
	echo "Cleaning up"
	rm /opt/graylog2-server.gz
	rm /opt/graylog2-web-interface.gz

	# Restart Services
	service graylog2-server restart
	service graylog2-web-interface restart

	# All Done
	echo "Installation has completed!!"
	echo "Browse to IP address of this Graylog2 Server Used for Installation"
	echo "IP Address detected from system is $IPADDY"
	echo "Browse to http://$IPADDY:9000"
	echo "Login with username: admin"
	echo "Login with password: password123"
	echo "You Entered $SERVERNAME During Install"
	echo "Browse to http://$SERVERNAME:9000 If Different"
	echo "EveryThingShouldBeVirtual.com"
	echo "@mrlesmithjr"