[gcp]ubuntu18.04 graylog2.4 install

의존성 패키지 설치 진행. [ mogodb 4.0 elasticsearch 5.4 graylog 2.4 ]

apt update && apt upgrade

apt-get install apt-transport-https openjdk-8-jre-headless uuid-runtime pwgen -y

apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9DA31620334BD75D9DCB49F368818C72E52529D4

echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.0.list

apt-get update

apt-get install -y mongodb

버전업데이트 멈춤

echo "mongodb-org hold" | sudo dpkg --set-selections

echo "mongodb-org-server hold" | sudo dpkg --set-selections

echo "mongodb-org-shell hold" | sudo dpkg --set-selections

echo "mongodb-org-mongos hold" | sudo dpkg --set-selections

echo "mongodb-org-tools hold" | sudo dpkg --set-selections

service mongodb start

-----------------elasticsearch 5.4------------------------

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -

apt-get install apt-transport-https -y

echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-5.x.list

apt-get update && apt-get install elasticsearch

cat /etc/elasticsearch/elasticsearch.yml |grep -v ^#

sed -i 's/.*cluster.name: .*/cluster.name: graylog/' /etc/elasticsearch/elasticsearch.yml

cat /etc/elasticsearch/elasticsearch.yml |grep -v ^#

systemctl daemon-reload

systemctl enable elasticsearch.service 

systemctl restart elasticsearch.service

systemctl status elasticsearch.service 

-----------------graylog2.4------------------------

cd /opt

wget https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.deb

dpkg -i graylog-2.4-repository_latest.deb

apt-get update

apt-get install graylog-server -y

systemctl enable graylog-server.service

systemctl start graylog-server.service

cat /etc/graylog/server/server.conf |grep '^\(root_password\|password\)'

pwgen -N 1 -s 72

WAS9O5McIZ1h49tj2oQuinaVFTUPBaI6FuIcxBdIdrEZ03JrukNOeOILrAe2RUeUrKtfdjYc

echo -n 'edtech2018' | shasum -a 256

f67328ec7c96a0ebcab5a1d4eadd7c9a25ca3d102a841d12818513cd5dc8d6a3

sed -i 's/^password_secret.*/password_secret = WAS9O5McIZ1h49tj2oQuinaVFTUPBaI6FuIcxBdIdrEZ03JrukNOeOILrAe2RUeUrKtfdjYc/' /etc/graylog/server/server.conf

sed -i 's/^root_password_sha2.*/root_password_sha2 = f67328ec7c96a0ebcab5a1d4eadd7c9a25ca3d102a841d12818513cd5dc8d6a3/' /etc/graylog/server/server.conf

cat /etc/graylog/server/server.conf |grep '^\(root_password\|password\)'

vim /etc/graylog/server/server.conf

root_timezone = Asia/Seoul

rest_listen_uri = http://0.0.0.0:9000/api

web_listen_uri = http://0.0.0.0:9000/

web_endpoint_uri = http://35.233.198.166:9000/api

systemctl restart graylog-server.service

curl -X GET 'http://localhost:9200'

curl -XGET 'http://localhost:9200/_nodes?pretty'

vim /etc/rsyslog.d/50-default.conf 

*.* @10.138.0.7:5140;RSYSLOG_SyslogProtocol23Format 

----------------------------------    graylog && logstash  ------------------------

##path 설정 필!!

echo PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/bin:/bin:/home/esls/node-v8.11.3-linux-x64/bin:/usr/share/logstash/bin/logstash

logstash -V

logstash-plugin install logstash-output-gelf