Log analysis – Graylog really shines when exploring data to understand what is happening in your environment.It uses enhanced search, search workflow and dashboards. Extracting data – whenever log management system is in operations, there will be summary data that needs to be passed to somewhere else in your Operations Center.
Graylog offers several options that include scheduled reports, correlation engine, REST API and data fowarder.
Enhanced security and performance – Graylog often contains sensitive, regulated data so it is critical that the system itself is secure, accessible, and speedy. This is achieved using role-based access control, archiving, fault tolerance e.t.c Extendable – with the phenomenal Open Source Community, extensions are built and made available in the market to improve the funmctionality of Graylog. This guide will walk you through how to run the Graylog Server in Docker Containers. Install Docker and Docker-Compose on Linux This method is preferred since you can run and configure Graylog with all the dependencies, Elasticsearch and MongoDB already bundled.īefore we begin, you need to update the system and install the required packages. To install the docker engine, use the dedicated guide below: Of course, you need the docker engine to run the docker containers. How To Install Docker CE on Linux Systems. Once installed, check the installed version. With docker installed, proceed and install docker-compose using the guide below: This will allow you to run docker commands without using sudo sudo usermod -aG docker $USER You also need to add your system user to the docker group. Now start and enable docker to run automatically on system boot. 
sudo systemctl start docker & sudo systemctl enable docker 2. To be able to achieve this, we will capture the information and settings in a YAML file.Ĭreate the YAML file as below: vim docker-compose.yml The Graylog container will consist of the Graylog server, Elasticsearch, and MongoDB. Graylog_journal:/usr/share/graylog/data/journal #journal and config directories in local NFS share for persistence Image: /elasticsearch/elasticsearch-oss:7.10.2 In the file, add the below lines: version: '2'
0 kommentar(er)
