Tuesday, October 4, 2016

Install Graylog, MongoDB, Elasticsearch on CentOS 7, Latest Version

Posted by Unknown
First, we will install Graylog.
There are many ways to install Graylog; choose the one that suits your environment.
For this documentation I implemented it on a machine with the following:
- CentOS 7.2 amd64
- OpenJDK 1.8
- MongoDB v3.2.9
- Elasticsearch 2.4.0
- Graylog 2.1
Graylog requires MongoDB, Elasticsearch and OpenJDK to be installed first.
We start by installing OpenJDK.

sudo yum install epel-release java-1.8.0-openjdk-headless.x86_64
[root@graylog ~]# java -version
openjdk version "1.8.0_101"
OpenJDK Runtime Environment (build 1.8.0_101-b13)
OpenJDK 64-Bit Server VM (build 25.101-b13, mixed mode)


Installing MongoDB 3.2
vi /etc/yum.repos.d/mongodb-org-3.2.repo

[mongodb-org-3.2]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc

yum update
sudo yum install -y mongodb-org
sudo chkconfig --add mongod
sudo systemctl daemon-reload
sudo systemctl enable mongod.service
sudo systemctl start mongod.service

[root@graylog ~]# mongod -v
2016-09-19T13:47:23.327+0700 I CONTROL [initandlisten] MongoDB starting : pid=14066 port=27017 dbpath=/data/db 64-bit host=graylog.web
2016-09-19T13:47:23.328+0700 I CONTROL [initandlisten] db version v3.2.9
[root@graylog ~]# netstat -tulpn | grep mongo
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 2287/mongod


Installing Elasticsearch 2.4.0

wget https://download.elastic.co/elasticsearch/release/org/elasticsearch/distribution/rpm/elasticsearch/2.4.0/elasticsearch-2.4.0.rpm
rpm -i elasticsearch-2.4.0.rpm
systemctl enable elasticsearch
service elasticsearch start
[root@graylog ~]# curl -X GET localhost:9200
{
"name" : "Matsu'o Tsurayaba",
"cluster_name" : "graylog2",
"version" : {
"number" : "2.4.0",
"build_hash" : "ce9f0c7394dee074091dd1bc4e9469251181fc55",
"build_timestamp" : "2016-08-29T09:14:17Z",
"build_snapshot" : false,
"lucene_version" : "5.5.2"
},
"tagline" : "You Know, for Search"
}
vi /etc/elasticsearch/elasticsearch.yml
cluster.name: graylog2

Installing Graylog 2.1.x
sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.1-repository_latest.rpm
sudo yum update
sudo yum install graylog-server

Add authentication to the Graylog configuration.

[root@graylog ~]# echo -n yourpassword | sha256sum
e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e951 (add the hash of your own password to server.conf as root_password_sha2)
[root@graylog ~]# pwgen -N 1 -s 96
UbmISdMtk1veg7o3oZICXFiT9MtzOxqYTH7vGIWWnZfKu24qfmFb9x1ffS413siW8S8wADVdjtP4l83wHv7dtQmGz6nMjH5T
vi /etc/graylog/server/server.conf
root_password_sha2 = 65c3f75641b22925c737ca657b126cd68c39e423349d43031cf9a3b9a18cee1f
password_secret = UbmISdMtk1veg7o3oZICXFiT9MtzOxqYTH7vGIWWnZfKu24qfmFb9x1ffS413siW8S8wADVdjtP4l83wHv7dtQmGz6nMjH5T
elasticsearch_cluster_name = graylog2 (must match cluster.name in Elasticsearch)
rest_listen_uri = http://0.0.0.0:9000/api/
web_listen_uri = http://0.0.0.0:9000/
elasticsearch_max_docs_per_index = 20000000
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300 (follows the address Elasticsearch listens on)
Save the file, then start the server:
service graylog-server start

[root@graylog ~]# netstat -tulpn | grep java
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 1155/java


The installation is complete according to the requirements above.
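A post-install check for the settings and listeners shown above, as an added example that is not part of the original post. The function names, the sample input in demo() and the 64-character threshold for password_secret are assumptions of this example; it flags a weak password_secret, a malformed root_password_sha2, plain-HTTP listen URIs bound to 0.0.0.0, and MongoDB or Elasticsearch ports that are not bound to loopback.

```shell
#!/bin/sh
# Added example (not from the original post): audit a Graylog 2.1 server.conf
# and a `netstat -tulpn` listing. Prints one OK/WARN line per check.

check_conf() (  # $1 = path to server.conf; subshell keeps variables local
  conf=$1
  hash=$(sed -n 's/^root_password_sha2 *= *//p' "$conf")
  secret=$(sed -n 's/^password_secret *= *//p' "$conf")
  if printf '%s' "$hash" | grep -Eq '^[0-9a-f]{64}$'; then
    echo "OK root_password_sha2 is a SHA-256 hex digest"
  else
    echo "WARN root_password_sha2 is not 64 hex characters"
  fi
  if [ "${#secret}" -ge 64 ]; then  # 64 is this example's assumed minimum
    echo "OK password_secret has ${#secret} characters"
  else
    echo "WARN password_secret shorter than 64 characters"
  fi
  for key in rest_listen_uri web_listen_uri; do
    uri=$(sed -n "s/^$key *= *//p" "$conf")
    case $uri in
      http://0.0.0.0:*) echo "WARN $key is plain HTTP on all interfaces" ;;
      "") echo "WARN $key is not set" ;;
      *) echo "OK $key = $uri" ;;
    esac
  done
)

check_listeners() {  # stdin = output of: netstat -tulpn
  awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
    n = split($4, a, ":"); port = a[n]
    addr = substr($4, 1, length($4) - length(port) - 1)
    if (port == 27017 || port == 9200 || port == 9300) {
      s = (addr == "127.0.0.1" || addr == "::1") ? "OK" : "WARN"
      print s, port, "bound to", addr
    }
  }'
}

demo() {  # constructed sample input, not taken from a real host
  conf=$(mktemp)
  printf '%s\n' "root_password_sha2 = $(printf '%064d' 0)" \
    "password_secret = tooshort" \
    "rest_listen_uri = http://0.0.0.0:9000/api/" \
    "web_listen_uri = http://127.0.0.1:9000/" > "$conf"
  check_conf "$conf"; rm -f "$conf"
  printf '%s\n' "tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 2287/mongod" \
    "tcp6 0 0 :::9200 :::* LISTEN 1300/java" | check_listeners
}
demo
```

On a real host, run check_conf /etc/graylog/server/server.conf and pipe netstat -tulpn into check_listeners.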