How to Install Graylog on Clear Linux Latest

Introduction

Graylog is a powerful open-source log management and analysis tool, used to collect, index & analyze any machine-generated data. In this tutorial, we will walk through the step-by-step process of installing Graylog on Clear Linux, which is an open-source & security-focused Linux distribution.

Prerequisites

  • Linux machine running Clear Linux latest version
  • Minimum of 4GB RAM
  • Root or sudo privileges to run commands

Step 1: Install Java

Graylog requires Java 8 or higher version to run. Run the following command to see if Java is already installed on your system:

java -version

If Java is not installed, install it using the following command:

sudo swupd bundle-add java-runtime

Once the installation is completed, verify the Java version:

java -version

Step 2: Install Elasticsearch

Graylog requires Elasticsearch, a powerful search engine, to store and search logs. Clear Linux uses the mariadb bundle in place of elasticsearch. However, it is recommended to use Elasticsearch for Graylog. So you need to install Elasticsearch on Clear Linux.

sudo swupd bundle-add elasticsearch

Step 3: Install MongoDB

Graylog uses a NoSQL database, MongoDB, to store and retrieve data. Use the following command to install MongoDB on Clear Linux:

sudo swupd bundle-add mongodb

Step 4: Install Graylog

Download the Graylog repository key:

wget https://packages.graylog2.org/repo/packages/graylog-4.1-repository_latest.rpm

Install the downloaded package to add the Graylog repository to your system:

sudo rpm -Uvh graylog-4.1-repository_latest.rpm

Update the package list and install the Graylog server using the following commands:

sudo swupd update
sudo swupd bundle-add graylog-server

Once the installation is completed, start the Graylog service:

sudo systemctl start graylog-server

To check the status of the Graylog service, use the following command:

sudo systemctl status graylog-server

Step 5: Accessing Graylog Web Interface

Open a web browser and navigate to http://your_server_ip:9000. You should see the Graylog login page. Login with the default credentials:

  • Username: admin
  • Password: admin

After successful login, you will be redirected to the Graylog dashboard.

Conclusion

In this tutorial, you learned how to install Graylog on Clear Linux. You can now start sending logs from various sources to Graylog and use the powerful features of Graylog for log analysis and visualization. Enjoy!