Basic Configuration
First create a docker-compose project folder. We recommend /containers/graylog as an example.
Graylog comes with a default configuration that works out of the box, but you have to set a password for the admin user, and the web interface needs to know how to connect from your browser to the Graylog REST API.
Choose your own admin password, hash it with the following command, and put the resulting SHA-256 hash into the GRAYLOG_ROOT_PASSWORD_SHA2 environment variable:
echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1
You'll need to save this output and use it for the GRAYLOG_ROOT_PASSWORD_SHA2 environment variable. For the GRAYLOG_HTTP_EXTERNAL_URI environment variable, set it to the URI of the web interface on your public IP address so that you can access the Graylog admin console remotely. Finally, feel free to comment out all of the environment variables that start with GRAYLOG_TRANSPORT_EMAIL if you don't need email alerts.
Docker Compose File
Save the following inside your docker-compose project folder (for example: /containers/graylog) in a file called "docker-compose.yml".
version: '3'
services:
  mongo:
    image: mongo:3
    networks:
      - graylog
    container_name: mongo
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.10
    environment:
      - http.host=0.0.0.0
      - transport.host=localhost
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    deploy:
      resources:
        limits:
          memory: 1g
    networks:
      - graylog
    container_name: elasticsearch
  graylog:
    image: graylog/graylog:3.3.3
    environment:
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=
      # SHA-256 hash of your admin password (see Basic Configuration)
      - GRAYLOG_ROOT_PASSWORD_SHA2=
      - GRAYLOG_HTTP_EXTERNAL_URI=
      - GRAYLOG_TRANSPORT_EMAIL_ENABLED=true
      - GRAYLOG_TRANSPORT_EMAIL_HOSTNAME=
      - GRAYLOG_TRANSPORT_EMAIL_PORT=587
      - GRAYLOG_TRANSPORT_EMAIL_USE_AUTH=true
      - GRAYLOG_TRANSPORT_EMAIL_USE_TLS=true
      - GRAYLOG_TRANSPORT_EMAIL_USE_SSL=false
      - GRAYLOG_TRANSPORT_EMAIL_AUTH_USERNAME=
      - GRAYLOG_TRANSPORT_EMAIL_AUTH_PASSWORD=
      - GRAYLOG_TRANSPORT_EMAIL_FROM_NAME=
      - GRAYLOG_TRANSPORT_EMAIL_FROM_EMAIL=
    networks:
      - graylog
    depends_on:
      - mongo
      - elasticsearch
    ports:
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201-12210:12201-12210
      # GELF UDP
      - 12201-12210:12201-12210/udp
      # Logstash TCP
      - 5044:5044
      # Logstash UDP
      - 5044:5044/udp
    container_name: graylog
networks:
  graylog:
    driver: bridge
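As an added example (not part of the original page or of the Graylog project), the script below produces the two secret values and checks the three settings the compose file leaves blank before the stack is started. The function names, the sample address 203.0.113.10, the placeholder passphrase and the checks themselves, including the rejection of the hash of the password admin, are assumptions made for this illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. Function names are hypothetical.

# SHA-256 hex digest of the password with no trailing newline,
# the same value the page's sha256sum pipeline prints.
root_password_sha2() { printf '%s' "$1" | sha256sum | cut -d' ' -f1; }

# 64-character secret from the kernel CSPRNG (48 random bytes, base64-encoded).
new_password_secret() { head -c 48 /dev/urandom | base64 | tr -d '\n'; }

# Value of the "- NAME=value" line in compose text $2; empty if blank or absent.
compose_value() {
  printf '%s\n' "$2" | sed -n "s/^[[:space:]]*-[[:space:]]*$1=//p" | head -n 1
}

# Print one line per problem found in compose text $1; return 1 if any.
check_graylog_env() {
  local secret sha2 uri rc=0
  secret=$(compose_value GRAYLOG_PASSWORD_SECRET "$1")
  sha2=$(compose_value GRAYLOG_ROOT_PASSWORD_SHA2 "$1")
  uri=$(compose_value GRAYLOG_HTTP_EXTERNAL_URI "$1")
  if [ "${#secret}" -lt 16 ]; then
    echo "GRAYLOG_PASSWORD_SECRET: shorter than 16 characters"; rc=1
  fi
  if ! printf '%s\n' "$sha2" | grep -Eq '^[0-9a-f]{64}$'; then
    echo "GRAYLOG_ROOT_PASSWORD_SHA2: not a 64-digit hex SHA-256 hash"; rc=1
  elif [ "$sha2" = "$(root_password_sha2 admin)" ]; then
    echo "GRAYLOG_ROOT_PASSWORD_SHA2: this is the hash of 'admin'"; rc=1
  fi
  case $uri in
    http://?*|https://?*) ;;
    *) echo "GRAYLOG_HTTP_EXTERNAL_URI: not an absolute http(s) URI"; rc=1 ;;
  esac
  return "$rc"
}

# Constructed sample input: the three lines as the page ships them, then filled in
# (203.0.113.10 is a documentation address, the passphrase is a placeholder).
BLANK='      - GRAYLOG_PASSWORD_SECRET=
      - GRAYLOG_ROOT_PASSWORD_SHA2=
      - GRAYLOG_HTTP_EXTERNAL_URI='
FILLED="      - GRAYLOG_PASSWORD_SECRET=$(new_password_secret)
      - GRAYLOG_ROOT_PASSWORD_SHA2=$(root_password_sha2 'constructed example passphrase')
      - GRAYLOG_HTTP_EXTERNAL_URI=http://203.0.113.10:9000/"

check_graylog_env "$BLANK" || echo "blank template rejected"
check_graylog_env "$FILLED" && echo "filled template accepted"
```

To check a real file, source the functions and pass the file's contents, for example check_graylog_env "$(cat /containers/graylog/docker-compose.yml)".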
Launch Graylog using Docker Compose
Finally, start the Graylog containers using the following command:
cd /containers/graylog && docker-compose up -d
You can monitor the Graylog containers using the following commands:
watch docker ps -a
docker logs --tail 150 --follow graylog