Last active
July 8, 2019 10:37
-
-
Save vpnwall-services/d7be4ba9bdf2d198cf8e9e025c99c9de to your computer and use it in GitHub Desktop.
[Install Graylog] Install graylog #bash #install #graylog
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
sudo apt-get install apt-transport-https | |
wget https://packages.graylog2.org/repo/packages/graylog-3.0-repository_latest.deb | |
sudo dpkg -i graylog-3.0-repository_latest.deb | |
sudo apt-get update | |
sudo apt-get install graylog-server |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /etc/rsyslog.conf Configuration file for rsyslog. | |
# | |
# For more information see | |
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html | |
################# | |
#### MODULES #### | |
################# | |
$ModLoad imuxsock # provides support for local system logging | |
$ModLoad imklog # provides kernel logging support | |
#$ModLoad immark # provides --MARK-- message capability | |
# provides UDP syslog reception | |
#$ModLoad imudp | |
#$UDPServerRun 514 | |
# provides TCP syslog reception | |
$ModLoad imtcp | |
$InputTCPServerRun 1514 | |
########################### | |
#### GLOBAL DIRECTIVES #### | |
########################### | |
# | |
# Use traditional timestamp format. | |
# To enable high precision timestamps, comment out the following line. | |
# | |
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | |
# | |
# Set the default permissions for all log files. | |
# | |
$FileOwner root | |
$FileGroup adm | |
$FileCreateMode 0640 | |
$DirCreateMode 0755 | |
$Umask 0022 | |
# | |
# Where to place spool and state files | |
# | |
$WorkDirectory /var/spool/rsyslog | |
# | |
# Include all config files in /etc/rsyslog.d/ | |
# | |
$IncludeConfig /etc/rsyslog.d/*.conf | |
############### | |
#### RULES #### | |
############### | |
# | |
# First some standard log files. Log by facility. | |
# | |
auth,authpriv.* /var/log/auth.log | |
*.*;auth,authpriv.none -/var/log/syslog | |
#cron.* /var/log/cron.log | |
daemon.* -/var/log/daemon.log | |
kern.* -/var/log/kern.log | |
lpr.* -/var/log/lpr.log | |
mail.* -/var/log/mail.log | |
user.* -/var/log/user.log | |
# | |
# Logging for the mail system. Split it up so that | |
# it is easy to write scripts to parse these files. | |
# | |
mail.info -/var/log/mail.info | |
mail.warn -/var/log/mail.warn | |
mail.err /var/log/mail.err | |
# | |
# Logging for INN news system. | |
# | |
news.crit /var/log/news/news.crit | |
news.err /var/log/news/news.err | |
news.notice -/var/log/news/news.notice | |
# | |
# Some "catch-all" log files. | |
# | |
*.=debug;\ | |
auth,authpriv.none;\ | |
news.none;mail.none -/var/log/debug | |
*.=info;*.=notice;*.=warn;\ | |
auth,authpriv.none;\ | |
cron,daemon.none;\ | |
mail,news.none -/var/log/messages | |
# | |
# Emergencies are sent to everybody logged in. | |
# | |
*.emerg :omusrmsg:* | |
# | |
# I like to have messages displayed on the console, but only on a virtual | |
# console I usually leave idle. | |
# | |
#daemon,mail.*;\ | |
# news.=crit;news.=err;news.=notice;\ | |
# *.=debug;*.=info;\ | |
# *.=notice;*.=warn /dev/tty8 | |
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it, | |
# you must invoke `xconsole' with the `-file' option: | |
# | |
# $ xconsole -file /dev/xconsole [...] | |
# | |
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably | |
# busy site.. | |
# | |
daemon.*;mail.*;\ | |
news.err;\ | |
*.=debug;*.=info;\ | |
*.=notice;*.=warn |/dev/xconsole | |
*.* @@127.0.0.1:5140,RSYSLOG_SyslogProtocol123Format |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment