GrayLog 5.2 is coming soon, and its architecture is changing as well
The 5.1 release currently in use is fairly stable; GrayLog 5.1 has now been updated to 5.1.7.
Open-source log platform GrayLog 5.1.7: one-click install script for CentOS 7
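Base environment
1. CentOS 7.9 (SELinux disabled)
2. The GrayLog 5.1.7 one-click install script and the archive of related components:
EL7 RPM packages for MongoDB 6.0 + OpenSearch 2.8 + GrayLog 5.1.7
3. Environment notes: more than 8 GB of memory and 8 or more CPU cores are recommended.
A dedicated /data partition (ideally on LVM so it can be extended) is recommended for storing the logs collected by GrayLog.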
The one-click script installation proceeds as follows
1. Upload the following files over SFTP
GrayLog5.1.7_MongoDB6.0_opensearch2.8_RPM.tar.gz GrayLogServer5.1.7_install.sh
2. Once installation completes, you can log in to the GrayLog web interface
The account and password are admin/Graylog@2023
3. The full script is as follows
GrayLogServer5.1.7_install.sh
#!/bin/bash
# Disable SELinux
sed -i 's/enforcing/disabled/g' /etc/selinux/config
setenforce 0
# Unpack the installation archive
mkdir -p /opt/GrayLog_install
tar -zxvf ./GrayLog5.1.7_MongoDB6.0_opensearch2.8_RPM.tar.gz -C /opt/GrayLog_install
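# Quote the heredoc delimiter so the shell leaves $releasever for yum to expand
# Note: gpgcheck=0 disables signature checking for this repo even though gpgkey is set
cat > /etc/yum.repos.d/mongodb-org.repo << 'EOF'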
[mongodb-org-6.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/6.0/x86_64/
gpgcheck=0
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-6.0.asc
EOF
cd /opt/GrayLog_install
# Install the mongodb-server service
rpm -Uvh cyrus-sasl*.rpm
rpm -Uvh mongodb*.rpm
# Start the mongodb-server service
systemctl daemon-reload
systemctl enable mongod.service
systemctl start mongod.service
systemctl --type=service --state=active | grep mongod
# Opens the MongoDB port in firewalld; this script configures no MongoDB authentication
firewall-cmd --add-port=27017/tcp --permanent --zone=public
firewall-cmd --reload
# Install OpenSearch
rpm -ivh /opt/GrayLog_install/opensearch-2.8.0-linux-x64.rpm
# Create directories under the dedicated /data partition for OpenSearch data and logs
mkdir -p /data/opensearch/data
mkdir -p /data/opensearch/logs
chown -R opensearch /data/opensearch
sysctl -w vm.max_map_count=262144
echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
cp /etc/opensearch/opensearch.yml /etc/opensearch/opensearch.yml_default
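# Edit the OpenSearch configuration file
# Uncomment cluster.name and node.name, whatever placeholder value they carry, and set both to graylog
sed -i "s@^#cluster.name:.*@cluster.name: graylog@" /etc/opensearch/opensearch.yml
sed -i "s@^#node.name:.*@node.name: graylog@" /etc/opensearch/opensearch.yml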
sed -i "s#path.data: /var/lib/opensearch#path.data: /data/opensearch/data#g" /etc/opensearch/opensearch.yml
sed -i "s#path.logs: /var/log/opensearch#path.logs: /data/opensearch/logs#g" /etc/opensearch/opensearch.yml
# Uncomment network.host and bind OpenSearch to all interfaces
sed -i "s@^#network.host:.*@network.host: 0.0.0.0@" /etc/opensearch/opensearch.yml
echo "discovery.type: single-node" >> /etc/opensearch/opensearch.yml
echo "action.auto_create_index: false" >> /etc/opensearch/opensearch.yml
echo "plugins.security.disabled: true" >> /etc/opensearch/opensearch.yml
# Raise the JVM heap size
sed -i "s/-Xms1g/-Xms4g/g" /etc/opensearch/jvm.options
sed -i "s/-Xmx1g/-Xmx4g/g" /etc/opensearch/jvm.options
# Start the OpenSearch service
systemctl daemon-reload
systemctl enable opensearch.service
systemctl restart opensearch.service
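# Opens the OpenSearch REST port in firewalld; with plugins.security.disabled set above it is served over plain HTTP without authentication
firewall-cmd --add-port=9200/tcp --permanent --zone=public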
firewall-cmd --reload
curl -s -XGET 'http://127.0.0.1:9200/_cluster/health?pretty=true'
curl -s -XGET 'http://127.0.0.1:9200/_cat/nodes?v'
# Install the graylog-server service
rpm -ivh /opt/GrayLog_install/graylog-server-5.1.7-1.x86_64.rpm
cp /etc/graylog/server/server.conf /etc/graylog/server/server.conf_default
# Edit the graylog-server configuration file
sed -i "s/password_secret =/password_secret = 0pAHJtPdZZUb5yHAvFbBezbWAlQwh9CbRX1rshJEVxM0kV7t0SpIgY5q9tLpVEwWLElhG3EtbvQ03mTm9i0HuvWKwlWgWiIJ/g" /etc/graylog/server/server.conf
sed -i "s/root_password_sha2 =/root_password_sha2 = 429d280c5ddad83d94770b077b22124231efc727d504b107883297304b3e2939/g" /etc/graylog/server/server.conf
sed -i "s@#root_timezone = UTC@root_timezone = Asia/Shanghai@g" /etc/graylog/server/server.conf
sed -i "s@#http_bind_address = 127.0.0.1:9000@http_bind_address = 0.0.0.0:9000@g" /etc/graylog/server/server.conf
sed -i "s/allow_highlighting = false/allow_highlighting = true/g" /etc/graylog/server/server.conf
# Raise the JVM heap size used when graylog-server starts
sed -i "s/-Xms1g -Xmx1g/-Xms2g -Xmx2g/g" /etc/sysconfig/graylog-server
firewall-cmd --add-port=9000/tcp --permanent --zone=public
firewall-cmd --reload
# Start the graylog-server service
systemctl daemon-reload
systemctl restart graylog-server
systemctl enable graylog-server
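The script above writes the same password_secret and root_password_sha2 into server.conf on every host it installs, so all such installs share those values. The following is an added example, not part of the original script, that generates per-host values and writes them into a Graylog server.conf. The function names are hypothetical and the demo runs against a constructed temporary file.

```bash
#!/bin/bash
# Added example: per-host values for the two secrets the install script hard-codes.
# Function names are hypothetical; the config keys are the ones the script sets.

# 48 random bytes as 96 hex characters, for password_secret.
gen_password_secret() {
    head -c 48 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# root_password_sha2 holds the hex SHA-256 of the admin password.
hash_root_password() {
    printf '%s' "$1" | sha256sum | cut -d' ' -f1
}

# Set "key = value" whether the key is empty, already set, or commented out.
# Idempotent, unlike a plain s/key =/key = value/ substitution.
set_conf_value() {
    local conf="$1" key="$2" value="$3"
    if grep -Eq "^#?[[:space:]]*${key}[[:space:]]*=" "$conf"; then
        sed -i -E "s|^#?[[:space:]]*${key}[[:space:]]*=.*|${key} = ${value}|" "$conf"
    else
        printf '%s = %s\n' "$key" "$value" >> "$conf"
    fi
}

# Write a fresh password_secret and the hash of the chosen admin password.
apply_graylog_secrets() {
    local conf="$1" admin_password="$2"
    if [ -z "$admin_password" ]; then
        echo "refusing to set an empty admin password" >&2
        return 1
    fi
    set_conf_value "$conf" password_secret "$(gen_password_secret)"
    set_conf_value "$conf" root_password_sha2 "$(hash_root_password "$admin_password")"
}

# Demo on a constructed config file, not a real server.conf.
demo_conf=$(mktemp)
printf 'password_secret =\nroot_password_sha2 =\n' > "$demo_conf"
apply_graylog_secrets "$demo_conf" 'constructed-demo-passphrase'
cat "$demo_conf"
rm -f "$demo_conf"
```

On a real host the target file is /etc/graylog/server/server.conf, edited before graylog-server is first started.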
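4. Download link for the script and installation packages
After scanning the QR code to follow this official account, reply 【Graylog5.1.7】 in the account's message window to get the download link for the one-click install script and the installation packages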