How to install and configure Graylog on CentOS 7

Graylog is an open-source log management system. This tutorial provides a step-by-step guide on installing and configuring Graylog with SSL on CentOS 7.

Founded by a Texas-based company with the same name, Graylog was formerly called Torch, which began as an open-source project in Hamburg, Germany, in 2009.

Graylog centrally captures, stores, and enables real-time search and log analysis against terabytes of machine data from any component in IT infrastructure and applications. The software uses an Elasticsearch-based three-tier architecture and scalable storage. Graylog created a niche as a fast, affordable, and viable alternative to Splunk.

Installing Graylog on CentOS 7

1. Pre-setup

Open a terminal and enter the following command to set the hostname.

hostnamectl set-hostname graylog

Update the system.

yum update -y

Install the EPEL repository.

yum install epel-release

Install needed packages.

yum install pwgen vim

2. Set up Java

Install Java.

yum install java-1.8.0-openjdk-headless.x86_64

Install JAVA

Check the Java version.

java -version

Check Java Version

3. Install MongoDB

Create a repository file.

vim /etc/yum.repos.d/mongodb-org.repo

Add the following contents.

[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

List repo.

yum repolist

Install MongoDB.

yum install mongodb-org

Install Mongo

Enable mongo service on system boot.

systemctl enable mongod.service

Start service.

systemctl start mongod.service

Check mongo port.

netstat -tunlp | grep 27017

Mongo Port

4. Installing Elasticsearch

Install the Elastic GPG key.

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Create a repository.

vim /etc/yum.repos.d/elasticsearch.repo

Add the following contents to the file.

[elasticsearch-6.x]
name=Elasticsearch repository for 6.x packages
baseurl=https://artifacts.elastic.co/packages/oss-6.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

List repositories.

yum repolist

Install the open-source version of Elasticsearch.

yum install elasticsearch-oss

Install Elastic Search

Modify the Elasticsearch configuration file.

Set the cluster name to graylog (the log file checked below, graylog.log, is named after it) and add “action.auto_create_index: false” to the file.

vim /etc/elasticsearch/elasticsearch.yml

Configurations

Save and exit the file. Enable Elasticsearch on system boot.

systemctl enable elasticsearch.service

Enable Elastic Search On System-boot

Check the status of the service.

systemctl status elasticsearch.service

Start service.

systemctl start elasticsearch.service

Check logs.

tail -f /var/log/elasticsearch/graylog.log

Check Elasticsearch health.

curl -XGET 'http://localhost:9200/_cluster/health?pretty=true'

Check Elastic Search health

5. Installing Graylog

Setup repository.

rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-3.2-repository_latest.rpm

Install Repo

List repositories.

yum repolist

Install Graylog-server.

yum install graylog-server

Install Graylog

6. Configure Graylog

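You should now add “password_secret” and “root_password_sha2” to the server.conf file. Graylog uses password_secret to secure stored user passwords, and root_password_sha2 is the SHA-256 hash of the admin password.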

Generate password_secret.

pwgen -N 1 -s 96

Generate root_password_sha2. Replace foss@dan123 with your own password.

echo -n foss@dan123 | sha256sum

Add the generated values to the file.

vim /etc/graylog/server/server.conf

Modified File
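
The steps above can be scripted so that the admin password is read from a prompt instead of being typed as an argument to echo, where it would be saved in shell history. This is an added example, not part of the original tutorial; the function names are hypothetical and the script assumes GNU sed and coreutils as shipped with CentOS 7.

```shell
#!/usr/bin/env bash
# Added example: fill in password_secret and root_password_sha2 without
# putting the admin password on a command line.

# Read one line from stdin, drop the newline, print its SHA-256 in hex.
hash_root_password() {
    head -n 1 | tr -d '\n' | sha256sum | cut -d' ' -f1
}

# 96-character random secret: pwgen as in the tutorial, /dev/urandom otherwise.
gen_password_secret() {
    if command -v pwgen >/dev/null 2>&1; then
        pwgen -N 1 -s 96
    else
        head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 96
        echo
    fi
}

# set_conf_key FILE KEY VALUE: rewrite an existing "KEY = ..." line
# (commented out or not), or append one. VALUE must not contain "|".
set_conf_key() {
    conf=$1; key=$2; value=$3
    if grep -Eq "^#? *${key} *=" "$conf"; then
        sed -i -E "s|^#? *${key} *=.*|${key} = ${value}|" "$conf"
    else
        printf '%s = %s\n' "$key" "$value" >>"$conf"
    fi
}

# Interactive wrapper: prompt with terminal echo off, then write both keys.
configure_graylog_secrets() {
    conf=${1:-/etc/graylog/server/server.conf}
    printf 'Graylog admin password: ' >&2
    stty -echo 2>/dev/null
    hash=$(hash_root_password)
    stty echo 2>/dev/null
    echo >&2
    set_conf_key "$conf" password_secret "$(gen_password_secret)"
    set_conf_key "$conf" root_password_sha2 "$hash"
}
```

Source the file as root and run configure_graylog_secrets; it edits /etc/graylog/server/server.conf unless another path is given as the first argument.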

Change bind-address.

vim /etc/graylog/server/server.conf

Uncomment the following line.

http_bind_address = 127.0.0.1:9000

Enable service on system boot.

systemctl enable graylog-server.service

Start service.

systemctl start graylog-server.service

Monitor server logs.

tail -f /var/log/graylog-server/server.log

Graylog Server Log

Check the server port.

netstat -tunlp | grep 9000

Graylog Server Port
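
In this single-server setup Nginx is the only public entry point, so the three ports checked in this tutorial (27017, 9200 and 9000) should all be bound to loopback. The script below is an added example, not part of the original tutorial; the function names and the sample netstat output are constructed.

```shell
#!/usr/bin/env bash
# Added example: flag Graylog-stack listeners that are reachable from
# outside the host. Input is `netstat -tunlp` output on stdin.

# Prints "PORT ADDRESS" for every watched TCP listener not bound to loopback.
exposed_listeners() {
    awk -v ports="${GRAYLOG_PORTS:-27017 9200 9000}" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            host = $4; sub(/:[0-9]+$/, "", host)   # address without the port
            if ((port in want) && host !~ /^(127\.|::1$|::ffff:127\.)/)
                print port, host
        }'
}

# Returns non-zero and lists the offenders when anything is exposed.
# Fix by binding the service to 127.0.0.1 in its own configuration
# (http_bind_address for Graylog, as set in step 6).
check_loopback_only() {
    out=$(exposed_listeners)
    [ -z "$out" ] && return 0
    printf '%s\n' "$out" | sed 's/^/not loopback-only: /' >&2
    return 1
}

# Constructed sample input: Graylog on 9000 is listening on all addresses.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:27017         0.0.0.0:*               LISTEN      1201/mongod
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      987/sshd
tcp6       0      0 127.0.0.1:9200          :::*                    LISTEN      1387/java
tcp6       0      0 ::1:9200                :::*                    LISTEN      1387/java
tcp6       0      0 :::9000                 :::*                    LISTEN      1522/java
udp        0      0 127.0.0.1:323           0.0.0.0:*                           702/chronyd
EOF
}
```

On the server, run `netstat -tunlp | check_loopback_only`; it prints nothing and returns 0 when all three services listen on loopback only.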

7. Configuring Nginx reverse proxy with SSL

I. Install and configure Nginx

yum install nginx -y

Enable Nginx on boot.

systemctl enable nginx

Check status.

systemctl status nginx

Start service.

systemctl start nginx

II. Setup DNS record

Then go to your DNS manager and add an A record for your server.

Type: A    Name: Domain Name    Value: Server IP

III. Install and configure SSL with Certbot

Install certbot.

yum install certbot python2-certbot-nginx

There are a few ways to get and configure SSL using Certbot, but here is the easiest way. Run the command below to get a certificate and apply it to Nginx.

certbot --nginx

Provide the needed information when it asks, e.g., your email address and domain name.

Get SSL

When it asks whether to redirect all traffic to HTTPS, enter the relevant number.

HTTPS Redirection

IV. Modify Nginx configurations

vim /etc/nginx/nginx.conf

Add the following contents to the location block.

location / {
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Graylog-Server-URL https://$server_name/;
    proxy_pass http://127.0.0.1:9000;
}

Check Nginx for syntax errors.

nginx -t

Restart Nginx.

systemctl restart nginx

8. Set SELinux policy

Allow Nginx to make network connections so that it can proxy requests to Graylog on port 9000.

setsebool -P httpd_can_network_connect 1

9. Browse using your domain name

https://graylog.fosslinux.com/

Then you will get the login interface.

Login Window

Log in with the username “admin” and the root password set inside server.conf. After login, you should see an interface like the one below.

After Login

Now we need to set up the input and push log files to the server.

Notification

That’s all about the installation and configuration of Graylog with SSL on CentOS. I hope you liked the tutorial.

Darshana
Hey! I'm Darshana, a Linux / DevOps Engineer and also a contributor to FOSS Linux. I enjoy working on various kind of Linux distributions and cloud technologies. During my free time, I love to swim and hike across nature trails. Linux is my love and I'm here to share all my learnings with all of you! Hope you enjoyed reading my article.
