cookbook 'graylog', '= 0.1.0'
graylog
(23) Versions
0.1.0
-
Follow0
Installs/Configures graylog
cookbook 'graylog', '= 0.1.0', :supermarket
knife supermarket install graylog
knife supermarket download graylog
graylog cookbook
This cookbook sets up Graylog2, version >= 0.20.x
(not the old rails graylog2).
Including the following support services:
- Elasticsearch
- MongoDB
Quickstart
To quickly setup a working Graylog2 installation on a single node, do the following:
- Setup application secrets
node['graylog']['server']['graylog2.conf']['password_secret'] = 'CHANGE ME!' node['graylog']['server']['graylog2.conf']['root_password_sha2'] = '...' # generate with "echo -n yourpassword | shasum -a 256" node['graylog']['web_interface']['graylog2-web-interface.conf']['application.secret'] = 'CHANGE ME!'
- Add default recipe to your run_list
{ "run_list": [ "recipe[graylog::default]" ] }
Supported Platforms
Currently tested on Ubuntu-14.04 LTS.
Dependencies
- Chef
>= 0.11
- MongoDB cookbook
- Ark cookbook
- Apt cookbook
Attributes
graylog2 server
Attributes to adjust installation details (defaults should "just work")
node['graylog']['server']['version'] = '0.20.3' # Version to install node['graylog']['server']['user'] = 'graylog2' # User graylog2 uses (will be created) node['graylog']['server']['url'] = 'https://example.com/graylog.tar.gz' # URL to graylog2 tar.gz package (Github is the default)
Attributes to configure Graylog2.
The password_secret
and root_password_sha2
attributes NEED to be changed, otherwise your installation will use the default ones, which is insecure!
# You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters. # Generate one by using for example: pwgen -s 96 node['graylog']['server']['graylog2.conf']['password_secret'] = 'CHANGE ME!' # the default root user is named 'admin' # You MUST specify a hash password for the root user (which you only need to initially set up the # system and in case you lose connectivity to your authentication backend) # This password cannot be changed using the API or via the web interface. If you need to change it, # modify it in this file. # Create one by using for example: echo -n yourpassword | shasum -a 256 # and put the resulting hash value into the following line # # This cookbook defaults password to 'CHANGEME!' node['graylog']['server']['graylog2.conf']['root_password_sha2'] = '90aba6bd1562f5af8f912ac3fe00d9ed7387bd84ec32f3da7415f4078da5efb8'
This recipe disables multicast to learn about Elasticsearch. This is recommended for production.
# The default unicast host used and configured by this recipe is automatically retrieved from the Elasticsearch attributes # (See below, node['graylog']['elasticsearch']['host'] and node['graylog']['elasticsearch']['port']) node['graylog']['server']['graylog2.conf']['elasticsearch_discovery_zen_ping_multicast_enabled'] = false node['graylog']['server']['graylog2.conf']['elasticsearch_discovery_zen_ping_unicast_hosts'] = '127.0.0.1:1234'
The cookbook accepts every possible configuration option supported by graylog2.conf:
node['graylog']['server']['graylog2.conf']['key'] = 'value'
Web-Interface
Attributes to adjust installation details (defaults should "just work")
node['graylog']['web_interface']['version'] = '0.20.3' # Version to install node['graylog']['web_interface']['user'] = 'graylog2' # User graylog2 uses (will be created) node['graylog']['web_interface']['url'] = 'https://example.com/webinterface.tar.gz' # URL to graylog2 tar.gz package (Github is the default)
Configure application secret. You NEED to change this, otherwise your installation will be insecure!
# If you deploy your application to several instances be sure to use the same key!
# Generate for example with: pwgen -s 96
node['graylog']['web_interface']['graylog2-web-interface.conf']['application.secret'] = 'CHANGE ME!'
Configure timezone
node['graylog']['web_interface']['graylog2-web-interface.conf']['timezone'] = 'Europe/Berlin'
The cookbook accepts every possible configuration option supported by graylog2-web-interface.conf:
node['graylog']['web_interface']['graylog2-web-interface.conf']['key'] = 'value'
Elasticsearch
The elasticsearch
recipe installs Elasticsearch using the official PPA repository.
You can finetune the installation here, although the defaults should "just work".
The settings below are the defaults
# Elasticsearch version to use. Currently 0.90.x and 1.0.x versions are available # See: http://www.elasticsearch.org/blog/apt-and-yum-repositories/ node['graylog']['elasticsearch']['version'] = '0.90' # Assign half of the systems memory to elasticsearch heap (recommended setting) # See: http://support.torch.sh/help/kb/graylog2-server/configuring-and-tuning-elasticsearch-for-graylog2-v0200 node['graylog']['elasticsearch']['heap_size'] = "#{(node['memory']['total'].to_i / 1024 / 2).to_i}m" node['graylog']['elasticsearch']['cluster_name'] = 'graylog2' # Elasticsearch ip:port to use node['graylog']['elasticsearch']['host'] = '127.0.0.1' node['graylog']['elasticsearch']['port'] = 9300
MongoDB
The default
recipe installs MongoDB, using the MongoDB cookbook.
As MongoDB is only used to store small amounts of data, it's usually sufficient to use a small data partition. Therefore, smallfile is enabled by default.
You can override the setting if needed, like so
node['mongodb']['config']['smallfiles'] = false
Recipes
graylog::default
Installs and configures Elasticsearch, MongoDB, Graylog2 server and The Graylog2 web-interface.
graylog::elasticsearch
Installs Elasticsearch from the official PPA, and configures it for Graylog2 use.
graylog::server
Installs and configures Graylog2 server.
graylog::web_interface
Installs and configures Graylog2 web-interface.
Contributing
- Fork the repository on Github
- Create a named feature branch (i.e.
add-new-recipe
) - Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request
License and Authors
Author:: Chris Aumann (me@chr4.org)
Dependent cookbooks
apt >= 0.0.0 |
mongodb >= 0.0.0 |
ark >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.