Graylog 小筆記 === > ref: > **需要先安裝docker-compose** > https://hackmd.io/ESREo_PXRW-JC5lMw5zqrg > **官方文件** > https://docs.graylog.org/en/3.3/pages/installation/docker.html --- :::warning [穩定版](https://hub.docker.com/r/graylog/graylog)已經出到4.0.6 ::: ## 安裝 #### 建立目錄, 路徑隨意 ``` mkdir /root/graylog ``` #### 建立 yml 檔案 ``` vim /root/graylog/docker-compose.yml ``` #### 從官方文件複製 yml 內容來貼上, 這邊選用 version 2 > vim 貼上小技巧參考 https://hackmd.io/Sagc-Bd0TAWsbtK6CXa-5w ``` version: '2' services: # MongoDB: https://hub.docker.com/_/mongo/ mongodb: image: mongo:3 restart: always elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.10 restart: always environment: - http.host=0.0.0.0 - transport.host=localhost - network.host=0.0.0.0 - "ES_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: memlock: soft: -1 hard: -1 mem_limit: 1g # Graylog: https://hub.docker.com/r/graylog/graylog/ graylog: image: graylog/graylog:3.3 restart: always environment: # CHANGE ME (must be at least 16 characters)! - GRAYLOG_PASSWORD_SECRET=kYfrO6JoGs3uxnd8iR # Password: admin - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 - GRAYLOG_HTTP_EXTERNAL_URI=http://192.168.51.154:9000/ - GRAYLOG_ROOT_TIMEZONE=Asia/Taipei links: - mongodb:mongo - elasticsearch depends_on: - mongodb - elasticsearch ports: # Graylog web interface and REST API - 9000:9000 # Syslog TCP - 1514:1514 # Syslog UDP - 1514:1514/udp # GELF TCP - 12201:12201 # GELF UDP - 12201:12201/udp ``` :::info 1. 修改 GRAYLOG_HTTP_EXTERNAL_URI 為訪問地址 2. 修改 GRAYLOG_ROOT_TIMEZONE 指定時區 ::: #### 背景執行 ``` docker-compose up -d ```