安装docker和docker-compose

参考文章:
CentOS 8.0-8.4 yum 安装docker-ce-左搜 (leftso.com)
Ubuntu 在线安装 Docker-左搜 (leftso.com)

已完成docker安装可以跳过此步骤

部署graylog


docker-compose.yml
# 更多docker-compose配置参考:https://docs.graylog.org/en/3.3/pages/installation/docker.html
version: '3'

services:

  mongo:
    image: mongo:4.2
    container_name: graylog_mongo
    restart: unless-stopped
    volumes:
      - /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime #时区问题
      - ./graylog/mongo_data:/data/db

  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    container_name: graylog_elasticsearch
    restart: unless-stopped
    volumes:
      - /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime #时区问题
      - ./graylog/es_data:/usr/share/elasticsearch/data
    environment:
      - http.host=0.0.0.0
      - discovery.type=single-node
      - "ES_JAVA_OPTS=-Xms256m -Xmx256m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    deploy:
      resources:
        limits:
          memory: 512m

  graylog:
    image: graylog/graylog:4.2
    container_name: graylog_graylog
    restart: unless-stopped
    volumes:
       - /usr/share/zoneinfo/Asia/Shanghai:/etc/localtime #时区问题
       - ./graylog/graylog_data_journal:/usr/share/graylog/data/journal
    environment:
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918 # Password: admin
      - GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9600/ # TODO 这里填写自己的ip地址
      - elasticsearch_hosts=http://elasticsearch:9200
      - mongodb_uri=mongodb://mongodb/graylog
      - GRAYLOG_ROOT_TIMEZONE=Asia/Shanghai #解决慢8小时问题
    ports:
      # Graylog web interface and REST API
      - 9600:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
      - 5044:5044
      - 5044:5044/udp
    depends_on:
      - mongo
      - elasticsearch
    links:
      - mongo
      - elasticsearch


启动命令
docker-compose up -d

启动成功后访问web页面即可:
http://ip:9600

自此docker环境下安装graylog4完成

更多graylog文章:
GrayLog 配置日志文件读取-左搜 (leftso.com)
 

评论区域