Graylog, a tool for log management and analysis

santana1

Graylog is a powerful platform that makes it easy to manage structured and unstructured log data alongside application debugging. It is based on Elasticsearch, MongoDB, and Scala.

It has a main server, which receives data from its clients installed on different servers, and a web interface, which displays the data and lets you work with the logs aggregated by the main server.

About Graylog

Graylog is effective when working with raw strings (i.e. syslog): the tool parses them into the structured data we need.

It also allows advanced custom searches using structured queries.

In other words, when it is properly integrated with a web application, Graylog helps engineers analyze system behavior almost line by line.

The main advantage of Graylog is that it provides a single, complete log collection instance for the entire system.

This is useful when the system infrastructure is large and complex. It may be distributed across many locations, and not all team members can access all of its components directly.

With Graylog, we address these problems and ensure that incident response time is fast.

At Logicify, it can be used both for applications in development and for those that have already been released publicly. In both cases, some of the ways Graylog is applied are specific, while others overlap.

Installing Graylog

This tool can be found for most Linux distributions, but some adjustments are necessary before installing it.

Users of Debian, Ubuntu and their derivatives must do the following.

Open a terminal and type the following commands in it:

sudo apt install apt-transport-https openjdk-8-jre-headless uuid-runtime pwgen

After installing the prerequisite packages, set up MongoDB with:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
sudo apt update
sudo apt install -y mongodb-org

After installing MongoDB, start the database with:

sudo systemctl daemon-reload
sudo systemctl enable mongod.service
sudo systemctl restart mongod.service

After MongoDB, you should install Elasticsearch, since Graylog uses it as its backend.

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
sudo apt update && sudo apt install elasticsearch

Edit the Elasticsearch YML file with:

sudo nano /etc/elasticsearch/elasticsearch.yml

Now look for the following line:

#cluster.name: graylog

Remove the # from it, save and close Nano, then type in the terminal:

sudo systemctl daemon-reload

sudo systemctl enable elasticsearch.service
sudo systemctl restart elasticsearch.service

Now that Elasticsearch and MongoDB are configured, we can download Graylog and install it on Ubuntu.

Installation

To install it, type the following:

wget https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.deb
sudo dpkg -i graylog-2.4-repository_latest.deb
sudo apt-get update && sudo apt-get install graylog-server

Using the pwgen tool, generate a secret key.

pwgen -N 1 -s 96

Once this is done, copy what the terminal shows and edit the server.conf file, replacing the "password_secret" value with the output of the previous command:

sudo nano /etc/graylog/server/server.conf

Then, at the "contraseña" (password) prompt printed by the following command, type your root password:

echo -n "contraseña " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1

Again, copy the output the terminal shows you and open the server.conf file in Nano. Paste the password hash after "root_password_sha2".

Now configure the default web address.

In this file, look for the lines containing "rest_listen_uri" and "web_listen_uri". Once you have found them, delete the default values and change them to your IP address, something like this:

rest_listen_uri = http://ip:12900/
web_listen_uri = http://ip:9000/

Finally, save the file and exit nano; after this you must type:

sudo systemctl daemon-reload
sudo systemctl restart graylog-server

With this you can log in from a web browser by typing the IP address you configured.
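
One way to check the server.conf values set in the steps above before restarting graylog-server, as an added example that is not part of the original article: get_value and audit_conf are hypothetical helper names, and the sample file with its 192.0.2.10 address is constructed. It flags a password_secret shorter than the pwgen output, a root_password_sha2 that is not a SHA-256 digest or is the digest of an empty password, and listen URIs that expose the login over plain HTTP on a non-loopback address.

```shell
# Added example (not from the article); get_value and audit_conf are hypothetical names.
# Print the last value assigned to key $1 in properties file $2.
get_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" | tail -n 1
}

# Print one finding per line; exit status is 0 only when there are none.
audit_conf() {
    conf=$1; findings=0
    secret=$(get_value password_secret "$conf")
    hash=$(get_value root_password_sha2 "$conf")
    empty=$(printf '' | sha256sum | cut -d" " -f1)
    # pwgen -N 1 -s 96 prints 96 characters; a shorter value was not pasted whole.
    if [ "${#secret}" -lt 96 ]; then
        echo "password_secret: ${#secret} chars, shorter than the 96-char pwgen output"
        findings=$((findings + 1))
    fi
    # sha256sum prints exactly 64 lowercase hex digits.
    if ! printf '%s' "$hash" | grep -Eq '^[0-9a-f]{64}$'; then
        echo "root_password_sha2: not a 64-digit hex SHA-256 value"
        findings=$((findings + 1))
    elif [ "$hash" = "$empty" ]; then
        echo "root_password_sha2: digest of an empty password (Enter pressed at the prompt)"
        findings=$((findings + 1))
    fi
    # Plain HTTP on a non-loopback address carries the admin login unencrypted.
    for key in rest_listen_uri web_listen_uri; do
        uri=$(get_value "$key" "$conf")
        case $uri in
            ""|https://*|http://127.*|http://localhost*) ;;
            *) echo "$key: $uri is plain HTTP on a non-loopback address"
               findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: server.conf with the secret and hash steps skipped.
sample=$(mktemp)
cat > "$sample" <<'EOF'
password_secret =
root_password_sha2 =
rest_listen_uri =http://192.0.2.10:12900/
web_listen_uri =http://192.0.2.10:9000/
EOF
audit_conf "$sample" || echo "fix the findings above before restarting graylog-server"
rm -f "$sample"
```

On a real host, run it as audit_conf /etc/graylog/server/server.conf with enough privilege to read the file.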

