Graylog, a tool for log management and analysis

Graylog is a powerful platform that makes it easy to manage structured and unstructured log data and to debug applications. It is based on Elasticsearch, MongoDB, and Scala.

It has a main server, which receives data from its clients installed on different servers, and a web interface, which displays the data and lets you work with the logs aggregated by the main server.

About Graylog

Graylog is effective when working with raw strings (i.e. syslog): the tool converts them into the structured data we need.

It enables advanced custom analysis of logs using structured queries.

So, when properly integrated with a web application, Graylog helps engineers analyze system behavior down to almost every line of code.

The main advantage of Graylog is that it provides a single, complete instance of log collection for the whole system.

This is useful when the infrastructure is large and complex. It may be distributed across many locations, and not every team member may have access to all of its components.

With Graylog, we solve these problems and make sure our reaction time is fast.

At Logicify, it can be used both for applications in development and for those already released to the public. In the two cases, some Graylog settings differ, while others coincide.

Installing Graylog

This tool can be found in most Linux distributions, but some configuration is needed before installing it.

Users of Debian, Ubuntu and derivatives should do the following.

Open a terminal and type the following commands:

sudo apt install apt-transport-https openjdk-8-jre-headless uuid-runtime pwgen

Once the base packages are installed, set up MongoDB with:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list
sudo apt update
sudo apt install -y mongodb-org

After installing MongoDB, start the database with:

sudo systemctl daemon-reload
sudo systemctl enable mongod.service
sudo systemctl restart mongod.service

After MongoDB, you need to install Elasticsearch, since Graylog uses it as its backend.

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
sudo apt update && sudo apt install elasticsearch

Edit the Elasticsearch YML file with:

sudo nano /etc/elasticsearch/elasticsearch.yml

Now look for this line:

#cluster.name: graylog

Remove the # from it, save and close nano, then type:

sudo systemctl daemon-reload

sudo systemctl enable elasticsearch.service
sudo systemctl restart elasticsearch.service

Now that Elasticsearch and MongoDB are installed, we can download Graylog and install it on Ubuntu.

Graylog

To install it, type the following:

wget https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.deb
sudo dpkg -i graylog-2.4-repository_latest.deb
sudo apt-get update && sudo apt-get install graylog-server

Using the pwgen tool, generate a secret key:

pwgen -N 1 -s 96

Once this is done, copy what the terminal shows and edit the server.conf file, replacing the "password_secret" entry with the output of the previous command:

sudo nano /etc/graylog/server/server.conf

Then, at the "contraseña" (password) prompt of the following command, enter your password:

echo -n "contraseña " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1

Again, copy the output the terminal shows and open the server.conf file in nano. Paste the password hash after "root_password_sha2".

Now set the default web address.

In the same file, look for the lines containing "rest_listen_uri" and "web_listen_uri". Once you find them, delete the default values and replace them with your IP address, something like this:

rest_listen_uri = http://ip:12900/
web_listen_uri = http://ip:9000/

Finally, save the file and exit nano; after that, type:

sudo systemctl daemon-reload
sudo systemctl restart graylog-server

With this you can access Graylog from a web browser on your computer by typing the IP address you set.
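
The secret-generation and password-hash steps above, scripted as an added example (not from the original article or the Graylog project): it fills the two keys in a constructed copy of server.conf and checks that both are well-formed before the service is restarted. The helper names, the /dev/urandom fallback and the 64-character minimum are assumptions of this example.

```shell
# Added example: paths and sample values below are constructed.

# 96-character secret as `pwgen -N 1 -s 96` produces; the /dev/urandom
# fallback (an assumption) is used only when pwgen is not installed.
gen_secret() {
  if command -v pwgen >/dev/null 2>&1; then
    pwgen -N 1 -s 96
  else
    head -c 4096 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 96; echo
  fi
}

# SHA-256 of the first line on stdin with the newline stripped,
# the same pipeline the article uses for root_password_sha2.
hash_password() { head -n 1 | tr -d '\n' | sha256sum | cut -d' ' -f1; }

# Print the value of key $2 in file $1 (empty when unset).
get_conf() { sed -n "s|^$2[[:space:]]*=[[:space:]]*||p" "$1" | tail -n 1; }

# Set key $2 to $3 in file $1, replacing an existing line or appending one.
# Values here are alphanumeric, so they are safe inside the sed expression.
set_conf() {
  tmp=$(mktemp)
  if grep -q "^$2[[:space:]]*=" "$1"; then
    sed "s|^$2[[:space:]]*=.*|$2 = $3|" "$1" > "$tmp"
  else
    { cat "$1"; printf '%s = %s\n' "$2" "$3"; } > "$tmp"
  fi
  cat "$tmp" > "$1" && rm -f "$tmp"   # overwrite in place, keeping owner and mode
}

# Succeed only when both secrets are present and well-formed.
# The 64-character minimum is an assumption of this example.
check_conf() {
  secret=$(get_conf "$1" password_secret)
  hash=$(get_conf "$1" root_password_sha2)
  [ "${#secret}" -ge 64 ] || { echo "password_secret missing or too short"; return 1; }
  printf '%s' "$hash" | grep -Eq '^[0-9a-f]{64}$' ||
    { echo "root_password_sha2 is not a SHA-256 hex digest"; return 1; }
  echo "ok"
}

# Constructed stand-in for /etc/graylog/server/server.conf with both keys empty.
CONF=$(mktemp)
printf 'password_secret =\nroot_password_sha2 =\n' > "$CONF"
check_conf "$CONF" || true    # reports the missing secret
set_conf "$CONF" password_secret "$(gen_secret)"
set_conf "$CONF" root_password_sha2 "$(printf 'constructed-demo-password\n' | hash_password)"
check_conf "$CONF"            # prints "ok"
```

Piping the password into hash_password, as here, keeps it out of the command line; when typing it interactively it is still echoed to the terminal, as with the article's command.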