kris/graylog_demo
1
0
Fork 0
mirror of https://github.com/krislamo/graylog_demo synced 2024-11-09 21:50:35 +00:00
Code Issues Releases Wiki Activity
163f140726
graylog_demo/README.md

3.5 KiB
Raw Blame History

Graylog Demo

This is a demonstration of Graylog, a centralized log management system featuring a shell provisioned CentOS 7 Vagrant box. To illustrate various log collection methods httpd, rsyslog and docker are installed and a simple WordPress instance is deployed via Docker Compose. Log collection incorporates Fluentd to ship logs into a Graylog instance from containers, the syslog, and arbitrary filesystem logs.

This demonstration assumes you are familiar with using Vagrant + VirtualBox to automate the installation of virtual machines, although you can reference the Vagrantfile's shell provisioning sections to manually set up a system if you so desire. Please install these prerequisites before attempting the quick start below.

Notes about setup

  • This demonstration uses Traefik for routing and the xip.io wildcard DNS service. If DNS fails to resolve you may want to set the domains to the IP inside your operating system's hosts file.

  • Vagrant will provision a virtual machine with a static private Class B address (specifically 172.28.128.30). If you would like to change this IP address to something different you will need to change the PRIVATE_NET_IP variable in the Vagrantfile and the few wildcard DNS references to it in the two docker-compose.yml files.

  • Vagrant is set to allocate 4 cores and 4 GB of RAM, you may need to adjust this for your machine if necessary.

  • After deploying, Graylog takes the longest to become available and it may take 30 seconds to a few minutes to bring it up depending on your machine.

This project is a demonstration only and should not be used in a production environment.

Quick Start

This section assumes you will be using the default 172.28.128.30 IP address

  1. Clone the repository and navigate inside its directory
  2. Create and provision the VM using vagrant up
  3. Navigate to http://graylog.172.28.128.30.xip.io:8080/
  4. Login using admin for both the username and password.
  5. Navigate to Inputs: System > Inputs
  6. Select input GELF UDP and Launch new input
  7. Check the Global option at the top and give it a name (e.g. Fluentd) then save it
  8. Ensure it starts running automatically then click Show received messages
  9. Press the start button on the top right to start updating the feed every second

Syslog Test

  1. Go back to the terminal inside the project's directory and type vagrant ssh
  2. You can test Syslog collection with logger e.g. logger -t test Hello world (or just wait for some to appear)

Docker Test

File Test

Copyrights and Licenses

Copyright (C) 2020 Kris Lamoureux

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.