graylog要求的配置_应用服务器配置
graylog3.3部署
#关闭selinux
setenforce 0
sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
#关闭防火墙,后续可自行开放端口
systemctl stop firewalld
systemctl disable firewalld
#修改yum源
yum install -y wget
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
#安装jdk1.8、pwgen
yum install -y java-1.8.0-openjdk-headless.x86_64
yum install -y pwgen
#安装mongodb
cat << EOF | sudo tee -a /etc/yum.repos.d/mongodb-org.repo
[mongodb-org-4.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.2.asc
EOF
yum install -y mongodb-org
systemctl daemon-reload
systemctl enable mongod.service
systemctl start mongod.service
systemctl --type=service --state=active | grep mongodb
#安装Elasticsearch
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
cat << EOF | sudo tee -a /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/oss-6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF
yum install -y elasticsearch-oss
#添加cluster.name: graylog
#添加action.auto_create_index: false
tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <<EOT
cluster.name: graylog
action.auto_create_index: false
EOT
systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl restart elasticsearch.service
systemctl --type=service --state=active | grep elasticsearch
#安装Graylog
rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-3.3-repository_latest.rpm
#两选一
#企业版
yum update && sudo yum install -y graylog-server graylog-enterprise-plugins graylog-integrations-plugins graylog-enterprise-integrations-plugins
#社区版
yum install -y graylog-server
cp /etc/graylog/server/server.conf /etc/graylog/server/server.conf_default
#使用pwgen生成password_secret密码
pwgen -N 1 -s 96
#生成root_password_sha2密码字符串,此为admin的密码
echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1
vi /etc/graylog/server/server.conf
#修改password_secret、root_password_sha2及以下字段
root_timezone = Asia/Shanghai
allow_highlighting = true
http_bind_address = 0.0.0.0:9000
#------------------------------------------
#也可以使用以下命令
password_secret=$(pwgen -N 1 -s 96)
echo $password_secret
root_password_sha2=$(head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1)
键入admin的密码
echo $root_password_sha2
sed -i "s/#root_timezone = UTC/root_timezone = Asia\/Shanghai/g" /etc/graylog/server/server.conf
sed -i "s/allow_highlighting = false/allow_highlighting = true/g" /etc/graylog/server/server.conf
sed -i "s/#http_bind_address = 127.0.0.1:9000/http_bind_address = 0.0.0.0:9000/g" /etc/graylog/server/server.conf
sed -i "s/password_secret =/password_secret = $password_secret/g" /etc/graylog/server/server.conf
sed -i "s/root_password_sha2 =/root_password_sha2 = $root_password_sha2/g" /etc/graylog/server/server.conf
#------------------------------------------
systemctl daemon-reload
systemctl enable graylog-server.service
systemctl start graylog-server.service
systemctl --type=service --state=active | grep graylog登录配置http://IP:9000
graylog要求的配置_应用服务器配置
密码为键入的root_password值
syslog日志配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
linux主机配置:
vi /etc/rsyslog.conf
#最后添加loghost
#*.* @172.16.200.210:1514 #udp连接
#*.* @@172.16.200.210:1514 #tcp连接
*.* @172.16.200.210:1514
graylog要求的配置_应用服务器配置
交换机配置:
<SW1>dis cu | inc info
info-center source default channel 6 log level warning
info-center loghost source Vlanif250
info-center loghost 172.16.200.210 local-time port 1514
info-center logfile channel 6
graylog要求的配置_应用服务器配置
windows日志配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
token后面主机要用到
windows主机上安装graylog_sidecar_installer_1.1.0-1.exe
https://github.com/Graylog2/collector-sidecar/releases
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
#以管理员身份运行
Microsoft Windows [版本 10.0.14393]
(c) 2016 Microsoft Corporation。保留所有权利。
C:\Users\Administrator>cd C:\Program Files\graylog\sidecar\
C:\Program Files\Graylog\sidecar>graylog-sidecar.exe -service install
C:\Program Files\Graylog\sidecar>graylog-sidecar.exe -service start
C:\Program Files\Graylog\sidecar>
graylog要求的配置_应用服务器配置
检查服务是否自启
回到graylog
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
graylog要求的配置_应用服务器配置
nginx配置
cat << EOF | sudo tee -a /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/\$basearch/
gpgcheck=0
enabled=1
EOF
yum -y install nginx
systemctl enable nginx
vi /etc/nginx/nginx.conf
events {
worker_connections 256; #按需设置;单个后台work process进程的最大并发链接数
}
#删除设定虚拟主机(server)配置,添加以下
server
{
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name graylog.example.org;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Graylog-Server-URL http://172.16.200.210/; #graylog-server IP本例为本机ip
proxy_pass http://127.0.0.1:9000;
}
}
systemctl start nginx版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
发布者:全栈程序员栈长,转载请注明出处:https://javaforall.cn/234573.html原文链接:https://javaforall.cn
本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2022年11月2日 ,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
相关产品与服务
Elasticsearch Service
腾讯云 Elasticsearch Service(ES)是云端全托管海量数据检索分析服务,拥有高性能自研内核,集成X-Pack。ES 支持通过自治索引、存算分离、集群巡检等特性轻松管理集群,也支持免运维、自动弹性、按需使用的 Serverless 模式。使用 ES 您可以高效构建信息检索、日志分析、运维监控等服务,它独特的向量检索还可助您构建基于语义、图像的AI深度应用。
腾讯云开发者
