Direct Deployment
Installing software directly on Linux servers is typically done using operating system packages. Debian-based systems use DEB
packages, Red Hat-based systems use RPM
packages, and other distributions have similar formats.
apt-get
or yum
. Alternatively, the packages can be downloaded directly from the Graylog repository using a web browser.
This article provides general information on the process of installing operating system packages. For step-by-step guides on installing Graylog on your preferred Linux-based operating system, see the complete list of installation guides available.
Prerequisites
Before proceeding, ensure that the following prerequisites are met:
-
Graylog requires a compatible version of MongoDB.
- Ensure that you are installing Graylog on a supported operating system.
Installation Guides
The following installation guides provide step-by-step guidance on installing Graylog on supported operating systems.
For installation guides on small-scale clusters with a single Graylog node, see the following:
For installation guides on medium to large clusters with multiple Graylog nodes, see the following:
For those intending to build larger or more complex environments, see the guidance on custom builds.
For general information on how to install Graylog using DEB
and RPM
packages, see the sections below.
DEB Operating System Package Installation
Graylog builds and hosts DEB
packages for use with supported operating systems, like Debian and Ubuntu. Overall, the process of installation with DEB
packages is as follows:
1. Define the Graylog package repository:
wget https://packages.graylog2.org/repo/packages/graylog-6.1-repository_latest.deb
sudo dpkg -i graylog-6.1-repository_latest.deb
sudo apt-get update
sudo apt-get install graylog-datanode
3. After configuring Data Node, enable and start the service:
sudo systemctl enable graylog-datanode.service
sudo systemctl start graylog-datanode
4. Then install the Graylog server software.
For Graylog Open:
sudo apt-get install graylog-server
For Graylog Enterprise:
sudo apt-get install graylog-enterprise
5. After the installation has completed successfully and you have set your configurations, start Graylog with the following commands:
sudo systemctl daemon-reload
sudo systemctl enable graylog-server.service
sudo systemctl start graylog-server.service
sudo systemctl --type=service --state=active | grep graylog
sudo systemctl enable graylog-server
.
DEB Manual Repository Installation
It is possible to manually define the repository; however, this is not recommended. To do so, follow these general steps:
1. First, add the Graylog GPG keyring that is being used to sign the packages to your system.
/etc/apt/trusted.gpg.d/
.
2. Now create a file at /etc/apt/sources.list.d/graylog.list
with the following content:
deb https://packages.graylog2.org/repo/debian/ stable 6.1
3. Continue to follow the process of installing the Data Node and Graylog services as defined in the section above.
RPM Operating System Package Installation
Graylog builds and hosts RPM
packages for use with supported operating systems, like Red Hat and SUSE. Generally, the process of installation with RPM
packages is as follows:
1. Define the Graylog package repository:
sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-6.1-repository_latest.rpm
For Red Hat (RHEL)
sudo yum install graylog-datanode
For SUSE:
sudo zypper install graylog-datanode
3. After configuring Data Node, enable and start the service:
sudo systemctl enable graylog-datanode.service
sudo systemctl start graylog-datanode
4. Then install the Graylog server software, selecting the correct command depending on your operating system and Graylog product.
For Graylog Open on Red Hat:
sudo yum install graylog-server
For Graylog Enterprise on Red Hat:
sudo yum install graylog-enterprise
For Graylog Open on SUSE:
sudo zypper install graylog-server
For Graylog Enterprise on SUSE:
sudo zypper install graylog-enterprise
5. After the installation has completed successfully and you have set your configurations, started Graylog with the following commands:
sudo systemctl daemon-reload
sudo systemctl enable graylog-server.service
sudo systemctl start graylog-server.service
sudo systemctl --type=service --state=active | grep graylog
sudo systemctl enable graylog-server
.
RPM Manual Repository Installation
It is possible to manually define the repository; however, this is not recommended. To do so, follow these general steps:
1. Add the Graylog GPG keyring that is being used to sign the packages to your system.
/etc/pki/rpm-gpg/RPM-GPG-KEY-graylog
.
2. Now create a file at /etc/yum.repos.d/graylog.repo
with the following content:
[graylog]
name=graylog
baseurl=https://packages.graylog2.org/repo/el/stable/6.1/$basearch/
gpgcheck=1
repo_gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-graylog
3. Continue to follow the process of installing the Data Node and Graylog services as defined in the section above.
Manual Installation on Linux Servers
You can manually install Graylog on Linux-based systems by downloading and extracting the Graylog tarball. We generally recommend you follow the process in the sections below.
Install JDK
Graylog requires Java 17 (e.g. OpenJDK). Refer to the OpenJDK documentation for more information on this process.
-
Install OpenJDK.
For Debian/Ubuntu:
Copysudo apt-get install openjdk-17-jre
sudo update-java-alternatives --set java-1.17.0-openjdk-amd64 --jre-headlessFor Red Hat (RHEL):
Copysudo yum install java-17-openjdk-headless
sudo update-alternatives --config javaFor SUSE:
Copysudo zypper install java-17-openjdk-headless
sudo update-alternatives --config java -
Start the Graylog server:
Copycd /usr/share/graylog-server/bin/
./graylogctl start
Download Graylog
Further Reading
Explore the following additional resources and recommended readings to expand your knowledge on related topics: