

Installation - Graylog - Copie

This document provides steps to install and configure MongoDB, Elasticsearch, Graylog, and configure syslog forwarding on a Linux server. It installs various packages, configures services, sets passwords and binds ports to set up the Graylog log management platform with Elasticsearch for storage and syslog forwarding for log collection.

Uploaded by

Jean

sudo apt-get update && sudo apt-get upgrade

(yes)
sudo apt-get install apt-transport-https openjdk-8-jre-headless uuid-runtime pwgen
(yes)
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4
echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org
sudo systemctl daemon-reload
sudo systemctl enable mongod.service
sudo systemctl restart mongod.service
sudo ps aux | grep mongo
sudo wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get update
sudo apt-get install elasticsearch-oss
sudo vi /etc/elasticsearch/elasticsearch.yml
cluster.name: graylog
action.auto_create_index: false
:wq!
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
sudo systemctl restart elasticsearch.service
sudo ps aux | grep elasticsearch
sudo netstat -an | grep 9200
sudo wget https://packages.graylog2.org/repo/packages/graylog-3.0-repository_latest.deb
sudo dpkg -i graylog-3.0-repository_latest.deb
sudo apt-get update
sudo apt-get install graylog-server
sudo vi /etc/graylog/server/server.conf
password_secret = "set a password"
:shell
sudo pwgen -N 1 -s 96 (copy the password)
exit (return to sudo vi /etc/graylog/server/server.conf)
password_secret = (paste the password)
:shell
echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1
admin
(copy the resulting hash)
exit
root_password_sha2 = (paste the hash)
root_timezone = Europe/Paris (France; check against http://www.joda.org/joda-time/timezones.html)
:wq!
sudo systemctl daemon-reload
sudo systemctl enable graylog-server.service
sudo systemctl start graylog-server
sudo tail -f /var/log/graylog-server/server.log
sudo vi /etc/rsyslog.conf
*.* @
:shell
ifconfig
exit
*.* @"ip_from_ifconfig":1514;RSYSLOG_SyslogProtocol23Format
:wq!
sudo systemctl restart rsyslog
sudo iptables -t nat -A PREROUTING -p tcp --dport 514 -j REDIRECT --to 1514
sudo iptables -t nat -A PREROUTING -p udp --dport 514 -j REDIRECT --to 1514
sudo iptables-save | sudo tee /etc/iptables.rules
sudo less /etc/iptables.rules
sudo vi /etc/network/if-pre-up.d/iptables
#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0
:wq!
sudo chmod +x /etc/network/if-pre-up.d/iptables
sudo curl http://127.0.0.1:9000
sudo netstat -an | grep 9000
sudo vi /etc/graylog/server/server.conf
http_bind_address = "ip_from_ifconfig":9000 (add this line between the two http_bind_address lines)
:wq!
sudo systemctl restart graylog-server
sudo tail -f /var/log/graylog-server/server.log
sudo netstat -an | grep 9000
^C
exit
sudo su -

Open Chrome => go to "ip_from_ifconfig":9000


admin password
...
...
...
...
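
Added example, not part of the original notes: a script that fills in password_secret and root_password_sha2 in server.conf without the vi / :shell copy-paste steps. The function names are hypothetical, the secret is drawn from /dev/urandom as a stand-in for pwgen, and GNU sed is assumed.

```sh
#!/bin/sh
# Added example (not from the original notes). Function names are hypothetical.
# Assumes GNU sed and coreutils, as on the Ubuntu server used in the notes.

# SHA-256 hex digest of a password: same pipeline as the notes, minus the prompt.
hash_password() {
    printf '%s' "$1" | sha256sum | cut -d" " -f1
}

# 96 random alphanumeric characters, a stand-in for `pwgen -N 1 -s 96`.
gen_secret() {
    head -c 4096 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 96
}

# Replace an uncommented "KEY = ..." line in FILE, or append it if absent.
set_conf_key() {
    if grep -Eq "^[[:space:]]*$2[[:space:]]*=" "$1"; then
        sed -i -E "s|^[[:space:]]*$2[[:space:]]*=.*|$2 = $3|" "$1"
    else
        printf '%s = %s\n' "$2" "$3" >>"$1"
    fi
}

# Read the admin password from stdin and write both settings into FILE.
configure_graylog_secrets() {
    IFS= read -r password || [ -n "$password" ]
    [ -n "$password" ] || { echo "empty password" >&2; return 1; }
    set_conf_key "$1" password_secret "$(gen_secret)"
    set_conf_key "$1" root_password_sha2 "$(hash_password "$password")"
}

# Run as: sudo sh this_script /etc/graylog/server/server.conf
if [ -n "${1:-}" ]; then
    printf 'Enter Password: ' >&2
    stty -echo 2>/dev/null            # keep the password off the screen
    configure_graylog_secrets "$1"; rc=$?
    stty echo 2>/dev/null
    echo >&2
    exit "$rc"
fi
```

The password is read from stdin rather than passed as an argument, so it does not appear in the process list or shell history.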
