Setting up Graylog WebInterface

Prerequisite

Download and Install

Download graylog2-web-interface 0.9.6.

Extract the downloaded archive with the following command and change to the installation directory:

sudo tar -xvf ~/Downloads/graylog2-web-interface-0.9.6.tar.gz -C /opt/graylog2
cd /opt/graylog2/graylog2-web-interface-0.9.6/

As root, add the PATH, JAVA_HOME and GEM_HOME environment variables to env_keep in /etc/sudoers so that sudo preserves them.

sudo vim /etc/sudoers
Defaults    env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
                        LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
                        LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
                        LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
                        LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
                        _XKB_CHARSET XAUTHORITY PATH JAVA_HOME GEM_HOME"

Install the gems required by the Graylog web interface.

sudo gem install bundler
sudo bundle install

Configure Graylog WebInterface

Update config/indexer.yml with the following values:

sudo vim config/indexer.yml
production:
  url: http://<elasticsearch-ip>:<port>/
  index_name: graylog2

Update config/mongoid.yml with the following values:

sudo vim config/mongoid.yml
production:
  host: <mongodb:ipaddress>
  port: <mongodb:portno>
  username: <USERNAME>
  password: <PASSWORD>
  database: <DATABASE_NAME>

Note: The database name, user name, password, IP address and port number configured for MongoDB must be the same in graylog2.conf and mongoid.yml.

Make sure MongoDB, ElasticSearch and the Graylog server are running with the configuration described above.
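
The consistency requirement in the note above can be checked before starting the web interface. The script below is an added example, not part of the original post or of Graylog. It assumes that graylog2.conf uses "key = value" lines with the keys mongodb_host, mongodb_port, mongodb_user, mongodb_password and mongodb_database, and that mongoid.yml nests unquoted values under production:. The function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that graylog2.conf and mongoid.yml agree on MongoDB.
# Assumption: graylog2.conf uses "key = value" lines with the keys
# mongodb_host, mongodb_port, mongodb_user, mongodb_password, mongodb_database.

# Value of "key = value" in a properties-style file (last match wins).
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Unquoted value of "key: value" inside the top-level "production:" block.
yml_get() {
    awk -v key="$2" '
        /^[^ \t#]/ { in_prod = ($0 ~ /^production:/) }
        in_prod && $1 == (key ":") {
            sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t]+$/, ""); print; exit
        }' "$1"
}

# Print one line per differing setting and return 1 if any differ.
# Only key names are printed, so the password never reaches the terminal.
check_mongo_settings() {
    rc=0
    for pair in mongodb_host:host mongodb_port:port mongodb_user:username \
                mongodb_password:password mongodb_database:database; do
        ckey=${pair%%:*}
        ykey=${pair#*:}
        if [ "$(conf_get "$1" "$ckey")" != "$(yml_get "$2" "$ykey")" ]; then
            echo "MISMATCH: $ckey (graylog2.conf) vs $ykey (mongoid.yml)"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample files (not real credentials); the port differs on purpose.
demo_dir=$(mktemp -d)
printf '%s\n' 'mongodb_host = 10.0.0.5' 'mongodb_port = 27017' \
    'mongodb_user = graylog' 'mongodb_password = s3cret' \
    'mongodb_database = graylog2' > "$demo_dir/graylog2.conf"
printf '%s\n' 'production:' '  host: 10.0.0.5' '  port: 27018' \
    '  username: graylog' '  password: s3cret' \
    '  database: graylog2' > "$demo_dir/mongoid.yml"
check_mongo_settings "$demo_dir/graylog2.conf" "$demo_dir/mongoid.yml" ||
    echo "Fix the settings above before starting the web interface."
rm -rf "$demo_dir"
```

To check a real installation, call check_mongo_settings with the paths to your graylog2.conf and config/mongoid.yml in place of the sample files.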

Start the web interface with the following command:

sudo script/rails server -e production -p 3000

Configure Apache Httpd Proxy

Create a new site configuration file

In CentOS

sudo vim /etc/httpd/sites-available/graylog-webinterface.conf

In Ubuntu

sudo vim /etc/apache2/sites-available/graylog-webinterface.conf

Copy and paste the following lines.

<VirtualHost *:80>
    Alias /graylog /opt/graylog2/graylog2-web-interface-0.9.6/public/
    <Directory /opt/graylog2/graylog2-web-interface-0.9.6/public>
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Enable the site

In CentOS

sudo ln /etc/httpd/sites-available/graylog-webinterface.conf /etc/httpd/sites-enable/graylog-webinterface.conf
sudo /etc/init.d/httpd restart

In Ubuntu

sudo ln /etc/apache2/sites-available/graylog-webinterface.conf /etc/apache2/sites-enabled/graylog-webinterface.conf
sudo /etc/init.d/apache2 restart

Access the Graylog web interface at http://<graylog-ip-address-or-domain>/graylog
