Graylog is an open-source log management tool that can centralize and aggregate logs from various sources, including applications, servers, and network devices. In this tutorial, we will walk you through the process of installing Graylog on Void Linux.
Before proceeding with this tutorial, you need to have the following:
Graylog relies on Elasticsearch to store and index logs. To install Elasticsearch, run the following command:
sudo xbps-install -S elasticsearch
After the installation is complete, start the Elasticsearch service and enable it to start automatically during system boot:
sudo ln -s /etc/sv/elasticsearch /var/service/
sudo sv start elasticsearch
You can verify if Elasticsearch is running by visiting its health status API in a web browser:
http://localhost:9200/_cat/health?v
If everything is fine, you should see an output similar to this:
epoch      timestamp cluster       status node.total node.data shards pri relo init unassign pending_tasks max_task_wait_time active_shards_percent
1624944630 04:10:30  elasticsearch green           1         1      0   0    0    0        0             0                  -                100.0%
Graylog uses MongoDB as a NoSQL database to store configuration and metadata. To install MongoDB, run the following command:
sudo xbps-install -S mongodb
After the installation is complete, start the MongoDB service and enable it to start automatically during system boot:
sudo ln -s /etc/sv/mongodb /var/service/
sudo sv start mongodb
You can verify if MongoDB is running by checking its log file:
tail -f /var/log/mongodb/mongodb.log
If everything is fine, you should see a message similar to this:
[initandlisten] waiting for connections on port 27017
To install Graylog, run the following command:
sudo xbps-install -S graylog-server
After the installation is complete, edit the Graylog configuration file /etc/graylog/server/server.conf and change the following settings:
# Elasticsearch URL
elasticsearch_hosts = http://127.0.0.1:9200
# MongoDB connection settings
mongodb_uri = mongodb://127.0.0.1/graylog
mongodb_max_connections = 100
Save and close the file.
To start Graylog, run the following command:
sudo ln -s /etc/sv/graylog-server /var/service/
sudo sv start graylog-server
You can verify if Graylog is running by visiting its web interface in a web browser:
http://localhost:9000/
If everything is fine, you should see a login page.
Congratulations! You have successfully installed Graylog on Void Linux. You can now start sending logs to your Graylog server and explore its features.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
Alternatively, for the best virtual desktop, try Shells!