Graylog2 is an open-source log storage system. Its server is written in Java and can receive log messages sent over TCP, UDP and AMQP, with fast storage based on a MongoDB database server. A Ruby-based web management interface lets you manage your logs easily.
1. Component Preparation
| No. | Component Name | Notes |
| 1 | MongoDB | |
| 2 | Elasticsearch | |
| 3 | Graylog2 | |
2. Installation
Deploy with docker-compose.
For installing docker-compose, see: http://hujianxiong.com/linuxan-zhuang-docker-compose/
docker-compose file:
version: '2'
services:
  mongo:
    image: "mongo:3"
    restart: always
    volumes:
      - /workspace/data/graylog/data/mongo:/data/db
  elasticsearch:
    image: "elasticsearch:2"
    command: "elasticsearch -Des.cluster.name='graylog'"
    volumes:
      - /workspace/data/graylog/data/elasticsearch:/usr/share/elasticsearch/data
    restart: always
  graylog:
    image: graylog2/server
    volumes:
      - /workspace/data/graylog/data/journal:/usr/share/graylog/data/journal
      - /workspace/data/graylog/config:/usr/share/graylog/data/config
    environment:
      # Secret used to salt stored passwords; this value is a placeholder.
      GRAYLOG_PASSWORD_SECRET: somepasswordpepper
      # SHA-256 of the root password; this value is the hash of "admin"
      # (the admin/admin login used in step 5).
      GRAYLOG_ROOT_PASSWORD_SHA2: 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
      #GRAYLOG_WEB_ENDPOINT_URI: http://0.0.0.0:9000/api/
      GRAYLOG_REST_TRANSPORT_URI: http://10.250.160.33:12900
    depends_on:
      - mongo
      - elasticsearch
    links:
      - mongo:mongo
      - elasticsearch:elasticsearch
    ports:
      # 9000: web interface, 12900: REST API, 12201/udp: GELF, 1514/udp: syslog
      - "9000:9000"
      - "12900:12900"
      - "12201/udp:12201/udp"
      - "1514/udp:1514/udp"
    restart: always
3. Download the configuration files
# mkdir -p /workspace/data/graylog/config
# cd /workspace/data/graylog/config
# wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.1/docker/config/graylog.conf
# wget https://raw.githubusercontent.com/Graylog2/graylog2-images/2.1/docker/config/log4j2.xml
4. Deployment
# docker-compose up -d
5. Configure Graylog to receive logs
Log in at http://10.250.160.32:9000 as admin/admin.
Go to System ==> Inputs ==> Select input ==> GELF UDP.
6. Modify the Docker daemon startup parameters
--log-driver=gelf
--log-opt gelf-address=udp://10.250.160.32:12201
--log-opt gelf-compression-type=gzip
--log-opt gelf-compression-level=1
--log-opt tag="Test01_env"
7. Restart the daemon
# systemctl daemon-reload
# systemctl restart docker
After you start the container, you can see the logs received in the Graylog management interface.
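To check the GELF UDP input from step 5 before switching the daemon's log driver, the following added example (not code from the original article, Graylog or Docker) builds a gzip-compressed GELF 1.1 datagram of the kind selected by gelf-compression-type=gzip in step 6, and decodes a datagram by its leading magic bytes. The host name docker-host-01 and the message text are constructed placeholders; the address and tag are the ones from step 6.

```python
import gzip
import json
import socket
import time
import zlib

GZIP_MAGIC = b"\x1f\x8b"      # start of a gzip stream (gelf-compression-type=gzip)
CHUNK_MAGIC = b"\x1e\x0f"     # start of a chunked GELF datagram


def build_gelf(short_message, host, tag, level=6, compresslevel=1):
    """Build one gzip-compressed GELF 1.1 datagram."""
    record = {
        "version": "1.1",
        "host": host,
        "short_message": short_message,
        "timestamp": round(time.time(), 3),
        "level": level,          # syslog severity, 6 = informational
        "_tag": tag,             # additional fields are prefixed with "_"
    }
    return gzip.compress(json.dumps(record).encode("utf-8"), compresslevel)


def decode_gelf(datagram):
    """Decode one datagram, picking the decompressor from its magic bytes."""
    if datagram[:2] == CHUNK_MAGIC:
        raise ValueError("chunked GELF: reassemble the chunks first")
    if datagram[:2] == GZIP_MAGIC:
        payload = gzip.decompress(datagram)
    elif datagram[:1] == b"\x78":        # zlib stream
        payload = zlib.decompress(datagram)
    else:
        payload = datagram               # uncompressed JSON
    record = json.loads(payload)
    missing = {"version", "host", "short_message"} - set(record)
    if missing:
        raise ValueError("not a GELF message, missing %s" % sorted(missing))
    return record


def send_gelf(datagram, address):
    # UDP gives no delivery receipt: confirm arrival in the Graylog search view.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(datagram, address)


if __name__ == "__main__":
    # Constructed sample: host name and message text are placeholders.
    dgram = build_gelf("gelf input smoke test", "docker-host-01", "Test01_env")
    print(decode_gelf(dgram), send_gelf(dgram, ("10.250.160.32", 12201)))
```

GELF over UDP is neither encrypted nor authenticated, so anything able to reach port 12201 on the Graylog host can read or submit log messages; restrict that port to the Docker hosts that ship logs.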
Reference: http://docs.graylog.org/en/2.1/pages/installation/docker.html#requirements
Graylog2: implementing Docker container log collection