We will installing and configuring Graylog Server on CentOS 6 as Part 3 of our series on Monitoring your systems with logstash and Graylog2. ::Part 1::Part 2::Part 4::
Please Note! This configuration is for the 0.9.5 version of Graylog2 Server and will be updated to reflect the changes in the message store implemented in version 0.9.6
Our goals are simple:
- Run as an unprivileged user
- Consistent installation, logging, and configuration locations
- Automating the installation
The installation overview:
- Download Graylog2 Server
- Create Intallation environment
- Unpack the Archive
- Configure Server Parameters
- Test installation
- Download and install the Java Service Wrapper
- Configure the Java Service Wrapper
- Test the Java Service Wrapper
We will assume you know the basics of system administration (ie.file permissions, ownership, etc.).
So let’s get this working!
Our next step is to create the installation environment. I’ve previously created a shell script for also installing logstash which will create the directories we’ll be needing, as well as to create our unprivileged user. You’ll need to run the script as root, but can test it as a normal user quite easily (with some minor modifications to the script).
The command to run the script is:
Our script will create the following directories:
Our script will then create a system user named “graylog2”, and
modify directory permissions so “graylog2″ can write to those locations.
We should next unpack the graylog2 server archive to “/usr/local/bin/graylog2” as root from our home directory.
We next copy the config file to “/etc/graylog2″
Our next step will be to configure our graylog2 server config file. Using your favorite editor edit /etc/graylog2/graylog2.conf such that it resembles the entries below. Remember to use the same username and password from setting up MongoDB
Now we can test if graylog2 server will run with our current configuration. “su” as user “graylog2″ and run the following command.
Now see if you are logging anything to Mongo in another terminal window as root.
If everything seems to be working as we hoped, we now configure graylog2 to run under the “Java Service Wrapper” which will allow us to run graylog2 as a service, launching as root and forking to run as user “graylog2″.
If you had not done previously, we should now download the Community version of the Java Service Wrapper and unpack it to ~/wrapper (ie. “/home/username/wrapper”).
We will then copy some files from the ~/wrapper directory for our graylog2 config.
Edit the below lines in /usr/local/bin/graylog2/bin/graylog2_wrapper with your favorite editor.
Edit the below lines in /etc/graylog2/wrapper.conf with your favorite editor (Note: I’ve hard coded some perfectly valid variables contained in Tanuki’s provided script).
You should now be able to launch graylog2 as root and have it run as graylog2.
In a terminal window as root:
If you run the wrapper script without any parameters, you’ll see it has a number of options available for our use.
That’s a wrap! We’ll next be posting instructions for setting up the Graylog2 web interface for viewing your logs.