How to Install Graylog on Ubuntu 24.04

Introduction

Graylog is an open-source log management platform that provides real-time, centralized logging with features like searching, analyzing, and visualizing log data. In this guide, you will learn how to install Graylog on Ubuntu 24.04.

Prerequisites

  • A server running Ubuntu 24.04
  • Root access or a user with sudo privileges
  • Java OpenJDK installed (version 8 or higher)
  • A domain name (optional)

Step 1: Update the System

First, update your package list and upgrade your installed packages:

sudo apt update
sudo apt upgrade -y

Step 2: Install Java OpenJDK

Graylog requires Java to run. Install OpenJDK by running:

sudo apt install openjdk-11-jdk -y

Step 3: Install MongoDB

Graylog uses MongoDB as its database. Install it by following these steps:

sudo apt install -y mongodb

Start and enable the MongoDB service:

sudo systemctl start mongodb
sudo systemctl enable mongodb

Step 4: Install Elasticsearch

Graylog uses Elasticsearch for full-text search capabilities. Add the Elasticsearch GPG key and repository:

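wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list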

Now install Elasticsearch:

sudo apt update
sudo apt install elasticsearch -y

Start and enable the Elasticsearch service:

sudo systemctl start elasticsearch
sudo systemctl enable elasticsearch

Step 5: Install Graylog

Download the Graylog repository package, install it, and then install the Graylog server from that repository:

wget https://packages.graylog2.org/repo/packages/graylog-4.2-repository_latest.deb
sudo dpkg -i graylog-4.2-repository_latest.deb
sudo apt update
sudo apt install graylog-server -y

Step 6: Configure Graylog

Open the Graylog configuration file:

sudo nano /etc/graylog/server/server.conf

Change the following settings:

  • password_secret: Generate a random secret string.
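  • root_password_sha2: Set to the SHA-256 hash of the root password. Use the command echo -n your_password | shasum -a 256 to hash the password, and copy only the hexadecimal digest, not the trailing " -" that shasum prints after it.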
  • http_bind_address: Set to 0.0.0.0:9000 to allow external access.

Once done, save and exit.
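As an added example (not part of the original guide), the following shell helper fills in password_secret and root_password_sha2 from Step 6 while reading the password from standard input, so it never appears on a command line or in shell history. The function names are hypothetical, and sha256sum from coreutils is used in place of shasum -a 256.

```shell
#!/usr/bin/env bash
# Added example, not part of the original guide. Function names are hypothetical.

# 96 hex characters (384 bits) from the kernel CSPRNG, for password_secret.
gen_password_secret() {
    od -An -N48 -tx1 /dev/urandom | tr -d ' \n'
}

# Read one line from stdin and print its SHA-256 hex digest only.
# The newline is not hashed, matching `echo -n`; an empty password is refused.
hash_root_password() {
    local pw
    IFS= read -r pw || true
    [ -n "$pw" ] || { echo 'empty password refused' >&2; return 1; }
    printf '%s' "$pw" | sha256sum | cut -d ' ' -f 1
}

# Set "key = value" in the config file, replacing an existing (possibly
# commented-out or empty) line for that key, or appending if there is none.
set_conf() {
    local file=$1 key=$2 value=$3
    if grep -qE "^#?[[:space:]]*${key}[[:space:]]*=" "$file"; then
        sed -i -E "s|^#?[[:space:]]*${key}[[:space:]]*=.*|${key} = ${value}|" "$file"
    else
        printf '%s = %s\n' "$key" "$value" >>"$file"
    fi
}

# $1 = path to server.conf; the admin password arrives on stdin.
configure_graylog() {
    local conf=$1 hash
    hash=$(hash_root_password) || return 1
    set_conf "$conf" password_secret "$(gen_password_secret)"
    set_conf "$conf" root_password_sha2 "$hash"
}

# Interactive use (run as root so the file is writable):
#   stty -echo; configure_graylog /etc/graylog/server/server.conf; stty echo
```

Restart graylog-server after changing these values so the new settings are loaded.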

Step 7: Start Graylog Server

Start the Graylog service and enable it to run on boot:

sudo systemctl start graylog-server
sudo systemctl enable graylog-server

Step 8: Configure Firewall (Optional)

If you have a firewall enabled, allow access to Graylog:

sudo ufw allow 9000/tcp

Step 9: Access Graylog Web Interface

Open your web browser and access Graylog using the following URL:

http://your_server_ip:9000

Log in using the username admin and the password you created earlier.

Conclusion

You have successfully installed Graylog on Ubuntu 24.04. You can now start using Graylog for log management! Explore its features to analyze and visualize your log data effectively.
