Notice
Recent Posts
Recent Comments
Link
| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 |
Tags
- ripng
- ipv6
- Chrony
- vrrp
- NAT
- OSI 7 layer
- eigrpv2
- stp
- 헤더
- DHCP
- 스위치
- rip
- Inter VLAN
- 장비
- Vlan
- 라우터
- ACL
- ospfv3
- OSPF
- crontab
- GLBP
- 명령어
- CKA
- Redistribute
- tunneling
- Etherchannel
- eigrp
Archives
- Today
- Total
Net Eng
Graylog 서버 구축 본문
■ 필요한 패키지 설치
yum install epel-release -y
yum install pwgen -y
yum install java-1.8.0-openjdk-headless.x86_64 -y
vi /etc/yum.repos.d/mongodb-org.repo
■ MongoDB 설치/서비스 기동
yum install mongodb-org -y
systemctl daemon-reload
systemctl enable mongod.service
systemctl start mongod.service
systemctl --type=service --state=active | grep mongod
■ Elasticsearch 설치/설정/서비스 기동
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
vi /etc/yum.repos.d/elasticsearch.repo
yum install elasticsearch-oss -y
vi /etc/elasticsearch/elasticsearch.yml
------------------------------------------------
cluster.name: graylog
....중략.... (문서 마지막 라인 추가)
action.auto_create_index: false
---------------------------------------------------------
systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl restart elasticsearch.service
systemctl --type=service --state=active | grep elasticsearch
firewall-cmd --permanent --add-port={9200/tcp,1607/udp}
firewall-cmd --reload
■ Graylog 설치
rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-4.2-repository_latest.rpm
# cd /etc/yum.repos.d ; ls
yum install graylog-server -y
echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1
8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
pwgen -N 1 -s 96
gQqyZFMssBR1i55TpzdwnsNdlGyHPVm4aaAJwZeQkaMzTjvmCa1od0AqTrWK6LKMwf2BCStefIJ1gL28GOXLWPRqu4uBMPqr
vi /etc/graylog/server/server.conf
------------------------------------------------------------------------
password_secret = gQqyZFMssBR1i55TpzdwnsNdlGyHPVm4aaAJwZeQkaMzTjvmCa1od0AqTrWK6LKMwf2BCStefIJ1gL28GOXLWPRqu4uBMPqr
root_password_sha2 = 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
root_timezone = Asia/Seoul
elasticsearch_shards = 1
------------------------------------------------------------------------
systemctl daemon-reload
systemctl enable graylog-server.service
systemctl start graylog-server.service
systemctl --type=service --state=active | grep graylog
firefox http://localhost:9000 &
■ 스크립트로 로그파일 만들어서 graylog로 전송
vi /root/bin/msg3.sh (IP : 192.168.10.20/1607 포트)
chmod 700 /root/bin/msg3.sh
■ rsyslog 이용하여 log 파일 graylog로 전송
vi /etc/rsyslog.d/graylog.conf
systemctl restart rsyslog.service'Linux' 카테고리의 다른 글
| Chrony 명령어 (0) | 2024.06.18 |
|---|---|
| GPT 검색 명령어 정리 (0) | 2024.06.05 |
| RPM 패키징 (0) | 2024.06.05 |
| RAID 구축과 장애 조치 (0) | 2024.06.05 |
| Linux 기본 명령어 (0) | 2024.06.05 |
'Linux' Related Articles
more
