VERSION=6 CLUSTERNAME=graylog
wget https://packages.graylog2.org/repo/packages/graylog-3.2-repository_latest.deb sudo dpkg -i graylog-3.2-repository_latest.deb sudo apt update sudo apt install -y pwgen authbind graylog-server graylog-integrations-plugins sudo systemctl daemon-reload sudo systemctl enable graylog-server ################################# echo -n "Enter Password: " PASS=$(head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1) sudo sed -i "s/password_secret =/password_secret = $(pwgen -N 1 -s 96)/g" /etc/graylog/server/server.conf sudo sed -i "s/root_password_sha2 =/root_password_sha2 = $PASS/g" /etc/graylog/server/server.conf sudo sed -i "s/#elasticsearch_max_time_per_index = 1d/elasticsearch_max_time_per_index = 1w/g" /etc/graylog/server/server.conf sudo sed -i "s/elasticsearch_max_number_of_indices = 20/elasticsearch_max_number_of_indices = 8/g" /etc/graylog/server/server.conf sudo systemctl start graylog-server
cat >> /tmp/graylog << EOF server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; server_name $(hostname -f); location / { proxy_set_header Host \$http_host; proxy_set_header X-Forwarded-Host \$host; proxy_set_header X-Forwarded-Server \$host; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Graylog-Server-URL http://$(hostname -f); proxy_pass http://127.0.0.1:9000; } } EOF sudo service nginx stop sudo mv /tmp/graylog /etc/nginx/sites-available/ sudo rm /etc/nginx/sites-enabled/default sudo ln -s /etc/nginx/sites-available/graylog /etc/nginx/sites-enabled/graylog sudo service nginx start
Last Updated: April 28, 2020