官网安装地址:https://go2docs.graylog.org/5-1/downloading_and_installing_graylog/red_hat_installation.htm?tocpath=Downloading%20and%20Installing%20Graylog%7CInstalling%20Graylog%7C_____6
一、需要安装的组件
- OpenJDK 17 (5.0以上版本的graylog已内置,无需安装)
- OpenSearch 1.x, 2.x (or Elasticsearch 7.10.2)
- MongoDB 5.x or 6.x
二、安装MongoDB
1、编辑mongodb-org.repo文件
sudo vim /etc/yum.repos.d/mongodb-org.repo
输入以下内容
[mongodb-org-6.0] name=MongoDB Repository baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/6.0/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://www.mongodb.org/static/pgp/server-6.0.asc
2、安装mongodb
sudo yum install -y mongodb-org
3、启动mongod服务
sudo systemctl daemon-reload sudo systemctl enable mongod sudo systemctl start mongod sudo systemctl status mongod
三、安装openSearch
1、创建opensearch本地仓库,安装openSearch
sudo curl -SL https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/opensearch-2.x.repo -o /etc/yum.repos.d/opensearch-2.x.repo
sudo yum install -y opensearch
2、编辑mongodb-org.repo文件
sudo vim /etc/opensearch/opensearch.yml
输入以下内容
cluster.name: graylog
node.name: ${HOSTNAME}
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
discovery.type: single-node
network.host: 0.0.0.0
action.auto_create_index: false
plugins.security.disabled: true3、编辑jvm.options文件,修改Xms和Xmx的大小为系统内存大小的一半
sudo vim /etc/opensearch/jvm.options
若系统内存大小是8g,则修改为Xms=4g,Xmx=4g
4、配置运行时内核参数
sudo sysctl -w vm.max_map_count=262144
sudo echo 'vm.max_map_count=262144' >> /etc/sysctl.conf5、启动openSearch服务
sudo systemctl daemon-reload
sudo systemctl enable opensearch
sudo systemctl start opensearch
sudo systemctl status opensearch四、安装graylog
1、配置graylog镜像及安装
sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-5.1-repository_latest.rpm
sudo yum install graylog-server2、生成root_password_sha2密钥
echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f13、生成password_secret密钥
< /dev/urandom tr -dc A-Z-a-z-0-9 | head -c${1:-96};echo;4、编辑/etc/graylog/server/server.conf
修改root_password_sha2、password_secret为2,3步生成的密钥http_bind_address代表graylog服务的访问ip,默认是127.0.0.1/9000
http_bind_address = xxxip:9000
5、启动graylog服务
sudo systemctl daemon-reload
sudo systemctl enable graylog-server.service
sudo systemctl start graylog-server.service
sudo systemctl --type=service --state=active | grep graylog标签:sudo,opensearch,mongodb,graylog5.1,Centos7,graylog,systemctl,org,安装 From: https://www.cnblogs.com/cdafan/p/17545594.html