Installing Graylog2 via Ubuntu Packages
These packages and docs are currently beta.
The deb's are built on Ubuntu Lucid amd64 however should work on both i386 & amd64.
Please report bugs in this HOWTO or the packaging to me at aussielunix at gmail dot com.
graylog2-server
This installs graylog2-server and it's dependencies (mongodb-stable from 10gen) etc.
The graylog2-server will install all files to /opt/graylog2-server & a config file at /etc/graylog2..conf.
Be prepared as the java stuff drags in a lot of deps on a clean minimal Lucid install. (176 packages for me)
1) add public key for the 10gen mongo repository
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
2) add public key for the aussielunix (Mick Pollard) PPA
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv D77A4DCC
3) add the following four lines to /etc/apt/sources.list
# 10-gen's mongodb repos deb http://downloads.mongodb.org/distros/ubuntu 10.4 10gen # lunix's graylog2 debs deb http://ppa.lunix.com.au/ubuntu/ lucid main
4) let apt see the new repositories
sudo apt-get update
5) install graylog2-server plus its deps - including java and mongodb
- This will take a while - go make coffee
sudo apt-get install mongodb-stable graylog2-server
6) secure mongo - add authentication
- add an admin user
- add a user to mongo for collection 'graylog2'
lunix@ubuntu-dev01:~/$ mongo use admin db.addUser('admin', 'admin-mongo-passwd') db.auth('admin', 'admin-mongo-passwd') use graylog2 db.addUser('grayloguser', 'grayloguser-mongo-passwd')
7) tell graylog2-server about the mongo auth
- edit /etc/graylog2.conf
mongodb_useauth = true mongodb_user = grayloguser mongodb_password = p4ssw0rd
8) turn mongo security on - it's off by default
- edit /etc/mongodb.conf
auth = true
9) restart mongo
sudo service mongodb restart
10) start graylog2-server
sudo service graylog2-server start
Conclusion
You should now have a working graylog2-server.
You can check the process tree for a mongodb instance and a java instance and that port UDP/514 is open.
You can now modify the syslog config on the graylog2-server host to send its data to 127.0.0.1:514
Move on to graylog2-web install/configure now.
graylog2-web
This installs graylog2-web and some of it's dependencies.
The graylog2-web package will install all of it's files to /opt/graylog2-web.
All of the gem dependencies have been vendored in.
The version of rubygems is too old in the Lucid repositories so I make use of a thirdparty PPA.
This PPA is from Mackenzie Morgan - a Ubuntu Developer - https://launchpad.net/~maco.m/+archive/ruby
1) add Mackenzie's PPA
sudo apt-get install python-software-properties sudo add-apt-repository ppa:maco.m/ruby
2) let apt see the new repositories
sudo apt-get update
3) install graylog2-web
sudo apt-get install graylog2-web
4) install budler
sudo gem install bundler
5) review/edit some rails configs:
config/mongoid.yml confg/email.yml config/general.yml
6) start graylog2-web as a daemon
script/rails server -eproduction -d -p3000
Conclusion
You should now have a working graylog2 server & web.
There's no real sources for the debs. I am just using the effing package management - fpm to package up the binary I download from the tar.bz on github.
I am setting a dependency of mongo-stable as this is what 10GEN call it now.
I was wondering if I'm better off not setting a dependency at all and leave it up to the end user to worry about it.
Thanks for packaging this up, but...
graylog2-server: Depends: mongodb-stable but it is not installable
Seems they renamed the package to mongodb-10gen (or removed mongodb-stable)
Can you remove the dependancy on the package (and add a tip to install mongodb-10gen) ?
Cheers
Looks like they changed the names, here's what I'm seeing:
root@log:~> apt-cache search mongo | egrep "^mongo" mongodb - An object/document-oriented database (metapackage) mongodb-clients - An object/document-oriented database (client apps) mongodb-dev - An object/document-oriented database (development) mongodb-server - An object/document-oriented database (server package) mongodb-10gen - An object/document-oriented database mongodb-10gen-unstable - An object/document-oriented database
Hey Mick,
Thanks for these: I shamelessly 'borrowed' your .deb's as I had an urgent need to put these in a GPG-signed repo so that I could roll them out with Puppet.
Please do GPG-sign these as I would be happy to just reference your repo rather than duplicate the effort.
If you do I will send you my manifests
Also, here's a graylog2-web service script so that you can 'service graylog2-web start'
G`Day all,
I have repackaged both server & web and updated the howto above.
Changes
Cheers
Mick
@aussielunix
Hey mate,
Very minor thing, but in the graylog2-web section. Number 6 (5 is missing too), it would be useful to say where graylog2-web installs to by default.
Moo
G`Day Anthony,
I have updated the blog with your suggestions.
Thanks.
Mick