How to Install Graylog with Data Node on Ubuntu

For step by step instructions installing Graylog and Data Node V6.1, follow this link.

Below is a summary of the transcript.

Introduction

Hi, I’m Ethan Keaton, Technical Marketing Manager here at Graylog. Today, I’m going to walk you through how to install Grog 6.1 with Data Node on Ubuntu 22.04. If you happen to catch any of my previous installs, welcome back! If you’re new and it’s your first time catching one of my videos, welcome!

 

Installation Steps Overview

First on our install list:
– Import the key
– Create the list file
– Install and start the service

Let’s go ahead and jump in.

 

Step 1: Preparing the System

Now we’re on the Ubuntu box with a fresh OS install. The first thing we need to do, before jumping into installing and importing the key, is downloading some dependencies.

Step 1.1: Importing the Key and Creating the List File

– Import the key
– Create the list file
– Download the package

Step 1.2: Installing and Enabling the Service

Now let’s go ahead and install it. We have to ensure the service is enabled so that, in case this box goes down, the service will automatically come back up. Now let’s start the service and check if it’s running.

– MongoDB is running, great!

Step 2: Installing Data Node

Next on our list is installing the Data Node. You might be wondering: What exactly is Data Node?

Data Node is a Graylog management tool for OpenSearch.

Step 2.1: Downloading the Graylog Package

Let’s go ahead and cut back over to the terminal. We need to grab the Graylog package and extract it. Now, let’s update the system and install Graylog Data Node Data Node.

Step 2.2: Configuring Data Node

Data Node is now installed, but before we can start it, we need to make some changes. First, grab this command, and then we need to make a change to the datanode.conf file by setting the password secret.

– Script the datanode.conf file to ensure the password is set.
– Enable and start the Data Node service.

Now, Data Node is installed and running!

 

Step 3: Installing Graylog Server

Now, let’s move on to installing the Graylog server. We already have the package, so we just change the syntax from graylog-datanode to installing graylog-server.

Step 3.1: Open Edition vs. Enterprise Edition

I’m installing the Open Edition. If you’re installing the Enterprise Edition, make sure to change the syntax correctly to graylog-enterprise.

Step 3.2: Configuring Grog Server

Just like Data Node, Grog will not start on its own, so we need to make some modifications. Remember how I mentioned that we needed to set the password secret in the datanode.conf file? Now, we need to grab it and add it to the `server.conf` file.

– Use this command to set the admin password (in this live environment, we’ll set it to “demo”).
– Modify the graylog-server.conf file by adding the password secret and admin hash.

Step 3.3: Additional Configurations

In the configuration file, there are some changes I like to make:
– Set the server to the appropriate time zone (I’m on the West Coast, so I’ll set it accordingly).
– Change the bind address to the actual IP of the server.

Step 3.4: Enabling and Starting the Service

Let’s repeat the process of enabling and starting the Grog server. Now, Graylog is up and ready!

 

Step 4: Accessing the Grog UI

Before we hit the UI, we need to retrieve some information from the `server.log` file, including the admin password and UI URL.

Since we’ve installed Graylog with Data Node, the interface looks a little different. This is the Graylog pre-flight UI. Grog is up, but Data Node is not yet configured.

Step 4.1: Configuring the Certificate Authority (CA)

We need to configure the CA:
– Set the name (I’ll change it to “Graylog Labs”).
– Customize the renewal policies.

Step 4.2: Completing the Setup

Once that’s done, let’s provision and resume startup.

Final Steps: Logging into Grog

Now that Graylog and Data Node are both running, it’s back to business as usual. Log in with the admin password, and we’re in the Graylog UI!

– Go to System and Data Node to find information on the Data Node settings.

 

Conclusion

That’s it, folks! We have successfully installed Grog 6.1 with Data Node. If you liked this video, I’d appreciate it if you hit the like button. Also, make sure to subscribe so you can stay current with the latest Graylog content.

Until next time, happy logging!