{"id":13973,"date":"2025-01-13T18:42:21","date_gmt":"2025-01-13T13:12:21","guid":{"rendered":"https:\/\/www.skynats.com\/?p=13973"},"modified":"2025-01-13T18:42:22","modified_gmt":"2025-01-13T13:12:22","slug":"how-to-install-graylog-on-ubuntu-24-04","status":"publish","type":"post","link":"https:\/\/www.skynats.com\/blog\/how-to-install-graylog-on-ubuntu-24-04\/","title":{"rendered":"How to Install Graylog on Ubuntu 24.04\u00a0"},"content":{"rendered":"\n

Graylog is a powerful open-source log management platform that provides real-time insights into your infrastructure’s performance and health. By enabling the collection, indexing, and analysis of log data from various sources, Graylog<\/a> simplifies system monitoring and troubleshooting. If you’re looking to enhance your system’s visibility, you can easily install Graylog on Ubuntu 24.04 to streamline log management and improve overall operational efficiency.<\/p>\n\n\n\n

Graylog, built on Elasticsearch for data storage and MongoDB for metadata management, offers a web-based interface for efficient log interaction. It is extensively used for processing large amounts of machine-generated data, making it perfect for security monitoring, tracking system performance, and resolving issues. To take full advantage of its capabilities, you can easily install Graylog on Ubuntu 24.04, which provides a reliable platform for managing and analyzing log data.<\/p>\n\n\n\n

Install Dependencies<\/strong><\/p>\n\n\n\n

Install several necessary utilities like curl, gnupg, and apt-transport-https:<\/p>\n\n\n\n

apt install apt-transport-https gnupg2 uuid-runtime pwgen curl dirmngr -y<\/code><\/pre>\n\n\n\n
Update your system\u2019s package list:<\/p>\n\n\n\n
apt update\napt upgrade<\/code><\/pre>\n\n\n\n
Install MongoDB<\/strong><\/p>\n\n\n\n
MongoDB is required for Graylog to store its configurations and metadata. Add the MongoDB repository\u2019s GPG key:<\/p>\n\n\n\n
curl -fsSL https:\/\/www.mongodb.org\/static\/pgp\/server-7.0.asc | gpg -o \/usr\/share\/keyrings\/mongodb-server-7.0.gpg --dearmor\necho \"deb [ arch=amd64,arm64 signed-by=\/usr\/share\/keyrings\/mongodb-server-7.0.gpg ] https:\/\/repo.mongodb.org\/apt\/ubuntu jammy\/mongodb-org\/7.0 multiverse\" | tee \/etc\/apt\/sources.list.d\/mongodb-org-7.0.list\napt update\napt install mongodb-org -y<\/code><\/pre>\n\n\n\n
Start and enable MongoDB<\/strong><\/p>\n\n\n\n
systemctl enable --now mongod\nsystemctl status mongod<\/code><\/pre>\n\n\n\n
Install Java (OpenJDK 11)<\/strong><\/p>\n\n\n\n
Graylog requires Java to run. We\u2019ll install OpenJDK 11:<\/p>\n\n\n\n
apt install openjdk-11-jre-headless<\/code><\/pre>\n\n\n\n
Check the installation:<\/p>\n\n\n\n
java --version<\/code><\/pre>\n\n\n\n
Install Elasticsearch<\/strong><\/p>\n\n\n\n
Graylog uses Elasticsearch for storing and indexing logs. First, import the Elasticsearch GPG key:<\/p>\n\n\n\n
curl -fsSL https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch | gpg --dearmor -o \/usr\/share\/keyrings\/elastic-archive-keyring.gpg\necho \"deb [signed-by=\/usr\/share\/keyrings\/elastic-archive-keyring.gpg] https:\/\/artifacts.elastic.co\/packages\/oss-7.x\/apt stable main\" | tee \/etc\/apt\/sources.list.d\/elastic-7.x.list\napt update && apt install elasticsearch-oss<\/code><\/pre>\n\n\n\n
Reload systemd, enable, and start Elasticsearch:<\/p>\n\n\n\n
systemctl daemon-reload\nsystemctl enable --now elasticsearch\nsystemctl status elasticsearch<\/code><\/pre>\n\n\n\n
Verify Elasticsearch is running:<\/p>\n\n\n\n
curl -X GET http:\/\/localhost:9200<\/code><\/pre>\n\n\n\n
Install Graylog<\/strong><\/h2>\n\n\n\n
Next, we will install the Graylog server. Download the Graylog repository package:<\/p>\n\n\n\n
wget https:\/\/packages.graylog2.org\/repo\/packages\/graylog-6.1-repository_latest.deb<\/code><\/pre>\n\n\n\n
Install the downloaded package:<\/strong><\/p>\n\n\n\n
dpkg -i graylog-6.1-repository_latest.deb<\/code><\/pre>\n\n\n\n
Update the package list and install the Graylog server:<\/p>\n\n\n\n
apt update\napt install graylog-server -y<\/code><\/pre>\n\n\n\n
Generate a Password Secret and Hash for Admin Password<\/strong><\/p>\n\n\n\n
Graylog requires a password secret for encryption. Generate a random secret with the following command:<\/p>\n\n\n\n
< \/dev\/urandom tr -dc A-Z-a-z-0-9 | head -c${1:-96};echo;<\/code><\/pre>\n\n\n\n
To hash the admin password, use this command:<\/p>\n\n\n\n
echo -n \"Enter Password: \" && head -1 <\/dev\/stdin | tr -d '\\n' | sha256sum | cut -d\" \" -f1<\/code><\/pre>\n\n\n\n
Configure Graylog<\/strong><\/h3>\n\n\n\n
Now, let\u2019s configure Graylog by editing its configuration file:<\/p>\n\n\n\n
vim \/etc\/graylog\/server\/server.conf<\/code><\/pre>\n\n\n\n
Make the following changes:<\/strong><\/p>\n\n\n\n
Set the password secret:<\/p>\n\n\n\n
password_secret = your_random_password_secret<\/code><\/pre>\n\n\n\n
Set the root password hash:<\/p>\n\n\n\n
root_password_sha2 = your_sha256_password_hash_here<\/code><\/pre>\n\n\n\n
Set the MongoDB URI:<\/p>\n\n\n\n
mongodb_uri = mongodb:\/\/localhost:27017\/graylog<\/code><\/pre>\n\n\n\n
Set the Elasticsearch hosts:<\/p>\n\n\n\n
elasticsearch_hosts = http:\/\/127.0.0.1:9200<\/code><\/pre>\n\n\n\n
Start and Enable Graylog Server<\/strong><\/h4>\n\n\n\n
Reload systemd, enable and start the Graylog service:<\/p>\n\n\n\n
systemctl daemon-reload\nsystemctl enable --now graylog-server\nsystemctl status graylog-server<\/code><\/pre>\n\n\n\n
 Access Graylog Web Interface<\/strong><\/h4>\n\n\n\n
Now that Graylog is installed and running, you can access its web interface. Open your browser and go to:<\/p>\n\n\n\n
http://your_server_ip:9000<\/code><\/pre>\n\n\n\n
Log in using the following credentials:<\/p>\n\n\n\n
Username: admin\n\nPassword: The password you set in the root_password_sha2 field<\/code><\/pre>\n\n\n\n
If you need assistance with the installation or setup of Graylog on Ubuntu 24.04, our support team is here to help. Whether you’re facing challenges during the installation process or need guidance on configuring Graylog for optimal performance, we offer expert support to ensure a smooth experience. Contact us<\/a> today, and we’ll guide you step-by-step on how to install <\/strong>Graylog on Ubuntu 24.04 and ensure it\u2019s running efficiently to meet your log management needs.<\/p>\n","protected":false},"excerpt":{"rendered":"
Graylog is a powerful open-source log management platform that provides real-time insights into your infrastructure’s performance and health. By enabling the collection, indexing, and analysis of log data from various sources, Graylog simplifies system monitoring and troubleshooting. If you’re looking to enhance your system’s visibility, you can easily install Graylog on Ubuntu 24.04 to streamline […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[949,948,899],"class_list":["post-13973","post","type-post","status-publish","format-standard","hentry","category-blog","tag-graylog","tag-install-graylog-on-ubuntu-24-04","tag-ubuntu-24-04"],"_links":{"self":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/posts\/13973","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/comments?post=13973"}],"version-history":[{"count":0,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/posts\/13973\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/media?parent=13973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/categories?post=13973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/tags?post=13973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}