cookbook 'graylog2', '= 3.1.2'
graylog2
(64) Versions
3.1.2
-
-
4.0.0
-
3.1.2
-
3.1.1
-
3.0.2
-
3.0.1
-
3.0.0
-
2.4.5
-
2.4.4
-
2.4.1
-
2.3.1
-
2.3.0
-
2.2.6
-
2.2.5
-
2.2.4
-
2.2.3
-
2.2.2
-
2.2.1
-
2.2.0
-
2.1.4
-
2.1.3
-
2.1.2
-
2.1.1
-
2.1.0
-
2.0.5
-
2.0.4
-
2.0.3
-
2.0.2
-
2.0.1
-
2.0.0
-
1.3.2
-
1.2.3
-
1.2.2
-
1.2.1
-
1.2.0
-
1.1.6
-
1.1.5
-
1.1.3
-
1.1.2
-
1.1.1
-
1.1.0
-
1.0.5
-
1.0.4
-
1.0.3
-
1.0.2
-
1.0.1
-
1.0.0
-
0.3.9
-
0.3.8
-
0.3.7
-
0.3.6
-
0.3.5
-
0.3.4
-
0.3.3
-
0.3.2
-
0.3.1
-
0.3.0
-
0.2.3
-
0.2.2
-
0.2.1
-
0.2.0
-
0.1.0
-
0.0.5
-
0.0.4
-
0.0.3
Follow90
- 4.0.0
- 3.1.2
- 3.1.1
- 3.0.2
- 3.0.1
- 3.0.0
- 2.4.5
- 2.4.4
- 2.4.1
- 2.3.1
- 2.3.0
- 2.2.6
- 2.2.5
- 2.2.4
- 2.2.3
- 2.2.2
- 2.2.1
- 2.2.0
- 2.1.4
- 2.1.3
- 2.1.2
- 2.1.1
- 2.1.0
- 2.0.5
- 2.0.4
- 2.0.3
- 2.0.2
- 2.0.1
- 2.0.0
- 1.3.2
- 1.2.3
- 1.2.2
- 1.2.1
- 1.2.0
- 1.1.6
- 1.1.5
- 1.1.3
- 1.1.2
- 1.1.1
- 1.1.0
- 1.0.5
- 1.0.4
- 1.0.3
- 1.0.2
- 1.0.1
- 1.0.0
- 0.3.9
- 0.3.8
- 0.3.7
- 0.3.6
- 0.3.5
- 0.3.4
- 0.3.3
- 0.3.2
- 0.3.1
- 0.3.0
- 0.2.3
- 0.2.2
- 0.2.1
- 0.2.0
- 0.1.0
- 0.0.5
- 0.0.4
- 0.0.3
Installs and configures Graylog - maintained by Graylog, Inc.
cookbook 'graylog2', '= 3.1.2', :supermarket
knife supermarket install graylog2
knife supermarket download graylog2
Description
This Chef cookbook installs and configures the Graylog log management system.
It is using the official installation packages provided by Graylog, Inc.. It needs as requirement an installation of Java, Elasticsearch and MongoDB.
Usage
Quickstart
To give this cookbook a try simply use the Kitchen test suite.
kitchen setup oracle-ubuntu-1404
open http://localhost:9000
Login with admin/admin
Recipes
The cookbook contains several recipes for different installation setups. Pick only the recipes
you need for your environment.
Recipe | Description |
---|---|
default | Setup the Graylog package repository |
server | Install Graylog server |
authbind | Give the Graylog user access to privileged ports like 514 (only on Ubuntu/Debian) |
collector_sidecar | Install Graylog's collector sidecar |
In a minimal setup you need at least the default and server recipes. Combined with
MongoDB and Elasticsearch, a run list might look like this:
run_list "recipe[java]",
"recipe[elasticsearch]",
"recipe[mongodb]",
"recipe[graylog2]",
"recipe[graylog2::server]"
Keep in mind that Graylog needs Elasticsearch 2.x+, what can be installed with the Elasticsearch cookbook version < 3.0.0
Attributes
Graylog runs currently with Java 8. To install the correct version set this attribute:
Oracle
"java": { "jdk_version": "8", "install_flavor": "oracle", "oracle": { "accept_oracle_download_terms": true } }
OpenJDK
"java": { "jdk_version": "8", "install_flavor": "openjdk" }
OpenJDK and Oracle JDK are both fine for Graylog. Note that you must accept
Oracle's download terms if you select the oracle install flavor.
On some platforms you need to accept terms to install OpenJDK too. See the java
cookbook's README for more
information.
You have to use a certain version of Elasticsearch for every Graylog Version, currently
this is 5.5.1. The cluster name should be 'graylog':
"elasticsearch": { "version": "5.5.1", "cluster": { "name": "graylog" } }
Graylog itself needs a secret for encryption and a hashed password for the root user. By default this user is called admin.
You can create the secret with this shell command pwgen -s 96 1
.
The password can be generated with echo -n yourpassword | shasum -a 256 | awk '{print $1}'
"graylog2": { "password_secret": "ZxUahiN48EFVJgzRTzGO2olFRmjmsvzybSf4YwBvn5x1asLUBPe8GHbOQTZ0jzuAB7dzrNPk3wCEH57PCZm23MHAET0G653G", "root_password_sha2": "e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e951", "server": { "java_opts": "-Djava.net.preferIPv4Stack=true" } }
Alternatively you can create an encrypted data bag and store the secrets there. The data should be called
'secrets' with an item 'graylog'.
knife data bag create --secret-file ~/.chef/encrypted_data_bag_secret secrets graylog { "id": "graylog", "server": { "root_password_sha2": "<root password as sha256>", "password_secret": "<random string as encryption salt>" } }
You can take a look into the attributes file under attributes/default.rb
to get an idea
what can be configured for Graylog.
Node discovery
The cookbook is able to use Chef's search to find Elasticsearch and other Graylog nodes. To configure
a dynamic cluster set the following attributes:
Elasticsearch discovery
"graylog2": { "elasticsearch": { "node_search_query": "role:elasticsearch", "node_search_attribute": "ipaddress" } }
If you have multiple server one need to be set as a master, use this attribute to do so
default.graylog2[:ip_of_master] = node.ipaddress
Running behind a NAT'ed public IP
If you are running Graylog behind a NAT, you will need to forward port 9000 to the outside as well as:
"graylog2": { "rest": { "listen_uri": "http://0.0.0.0:9000/api/" }, "web": { "listen_uri": "http://0.0.0.0:9000/", "endpoint_uri": "http://<public facing IP>:9000/api" } }
See graylog docs for more info.
Authbind
Ubuntu/Debian systems allow a user to bind a proccess to a certain privileged port below 1024.
This is called authbind and is supported by this cookbook. So it is possible to let Graylog listen on port 514 and act like a normal syslog server.
To enable this feature include the authbind cookbook to your run list and also the recipe
recipe[graylog2::authbind]
from this cookbook.
By default the recipe will give the Graylog user permission to bind to port 514 if you need more than that you can
set the attribute default.graylog2[:authorized_ports]
to an array of allowed ports.
Development and testing
The cookbook comes with unit and integration tests for Ubuntu/Debian/CentOS. You can run them by using Rake and Test Kitchen.
Unit tests:
$ bundle exec rake spec
Integration tests:
$ kitchen list
$ kitchen converge oracle-ubuntu-1404
$ kitchen verify oracle-ubuntu-1404
Additionally you can verify the coding style by running RoboCop and Foodcritic.
Verify Ruby syntax with RuboCop:
$ bundle exec rake style:ruby
Verify Chef syntax with Foodcritic:
$ bundle exec rake style:chef
License
Author: Marius Sturm (marius@graylog.com) and contributors
License: Apache 2.0
Dependent cookbooks
authbind >= 0.1.8 |
java >= 0.0.0 |
ark >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Graylog Chef Cookbook Changes
3.1.2
- Added lazy server attribute evaluation. Thanks to @edgarasg
- Gem upgrades
3.1.1
- Bump to Graylog 3.1.1
3.0.2
- Bump to Graylog 3.0.2
- Install
graylog-enterprise-integrations-plugins
by default
3.0.1
- Include default Graylog plugins
3.0.0
- Update attrbutes to Graylog 3.0
2.4.5
- Make data bag usage more flexiable
2.4.4
- Bump to Graylog 2.4.4
- Fix
elasticsearch_request_timeout
attribute
2.3.1
- Bump to Graylog 2.3.1
2.3.0
- Bump to Graylog 2.3.0
- Added ES HTTP parameter
- Renamed ES discovery search attributes
2.1.4
- Bump to Graylog 2.1.1
2.1.3
- Allow to configure alternative repository
- Update attributes
2.1.2
- Fix repository update on Debian/Ubuntu systems
2.1.1
- Bump to GL 2.1.0
- Add web_endpoint_uri
- Fix tests
2.1.0
- Replace collector recipe with collector_sidecar
- Update log4j configuration
- Test against Centos 7 and Dedian 8
2.0.5
- Fix collector installation
2.0.4
- Remove unused ES property elasticsearch_discovery_zen_ping_multicast_enabled
- Server log file pattern changed to keep the correct number of rotated files
2.0.3
- Bump to Graylog 2.0.3
- cluster master is now explicitly configurable
- Fixed server start after reboot on Ubuntu systems
2.0.2
- Bump to Graylog 2.0.1
2.0.1
- Extend tests suite
2.0.0
- Major update, please read the Graylog upgrade guide before applying this version http://docs.graylog.org/en/2.0/pages/upgrade.html
- The web interface cookbook was removed due to architectual changes in Graylog
- The collector is now deprecated and will be replaced by the Graylog Sidecar in the future https://github.com/Graylog2/collector-sidecar
- Added unit tests
1.2.2
- Fix collector standalone mode
1.2.1
- bump to GL 1.2.1
- create recursive directories for log files
- force repo package installation
1.2.0
- bump to GL 1.2.0
- update server configuration attributes
- add hard dependency to
java
cookbook to cleanly manage Java version
1.1.6
- make JAVA path configurable
- bump to GL 1.1.6
1.1.5
- fix web cluster search
- bump to GL 1.1.5
1.1.2
- fix backwards compartibility with Graylog 1.0
1.1.1
- Update to bug-fix release 1.1.1
1.1.0
- Update to Graylog 1.1.0
- add new attributes for 1.1.0
- introduce foodcritic and rubocop
1.0.5
- add position parameter to dashboard provider
1.0.4
- Update Graylog version to 1.0.2
- add parameters
alert_conditions
andalarm_callbacks
to streams provider. Both in combination can be used to create stream alerts automatically. Take a look into.kitchen.yml
for a working json example
1.0.3
- Update Graylog version to 1.0.1
- Deal with updated configuration in graylog packages on Ubuntu/Debian
1.0.2
- elasticsearch-http-enabled is not fixed set to false anymore
- configurable quotation marks for server secrets to allow full server replacement
- append port 9300 to Elasticsearch lookups to minimize discovery failures
1.0.1
- reduce file permissions for Graylog config files
- fix empty string for 'graylog2.appender.host' in web.conf
1.0.0
- Update Graylog version to 1.0.0
- explicit include of 'authbind' in graylog2::authbind
- improve error handling for api access
- mandatory secrets for server and web interrupt chef run if they are not set
- allow secrets to be set through attributes or an encrypted data bag 'secrets/graylog'
- support chef search for nodes to set up unicast discovery
0.3.8 (2015-01-14)
- Bump to 0.92.4
- Restart Graylog server + web interface on package update
0.3.7 (2015-01-05)
- Removed dependency on default.rb, you can now use only single parts of the cookbook
0.3.6 (2014-12-23)
- Update Graylog2 version to 0.92.3
0.3.5 (2014-12-12)
- Update Graylog2 version to 0.92.1
0.3.4 (2014-12-01)
- Update Graylog2 version to 0.92.0
- Add new configuration parameters for time based retention and SSL/TLS REST API
0.3.3 (2014-11-07)
- Update Graylog2 version to 0.91.3
Collaborator Number Metric
3.1.2 passed this metric
Contributing File Metric
3.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
3.1.2 failed this metric
FC046: Attribute assignment uses assign unless nil: graylog2/attributes/default.rb:1
FC046: Attribute assignment uses assign unless nil: graylog2/attributes/default.rb:2
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:15
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:16
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:17
FC066: Ensure chef_version is set in metadata: graylog2/metadata.rb:1
FC069: Ensure standardized license defined in metadata: graylog2/metadata.rb:1
FC109: Use platform-specific package resources instead of provider property: graylog2/recipes/collector_sidecar.rb:25
FC109: Use platform-specific package resources instead of provider property: graylog2/recipes/default.rb:31
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
3.1.2 passed this metric
Testing File Metric
3.1.2 passed this metric
Version Tag Metric
3.1.2 passed this metric
3.1.2 passed this metric
3.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
3.1.2 failed this metric
FC046: Attribute assignment uses assign unless nil: graylog2/attributes/default.rb:1
FC046: Attribute assignment uses assign unless nil: graylog2/attributes/default.rb:2
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:15
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:16
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:17
FC066: Ensure chef_version is set in metadata: graylog2/metadata.rb:1
FC069: Ensure standardized license defined in metadata: graylog2/metadata.rb:1
FC109: Use platform-specific package resources instead of provider property: graylog2/recipes/collector_sidecar.rb:25
FC109: Use platform-specific package resources instead of provider property: graylog2/recipes/default.rb:31
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
No Binaries Metric
3.1.2 passed this metric
Testing File Metric
3.1.2 passed this metric
Version Tag Metric
3.1.2 passed this metric
3.1.2 failed this metric
FC046: Attribute assignment uses assign unless nil: graylog2/attributes/default.rb:2
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:15
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:16
FC052: Metadata uses the deprecated "suggests" keyword: graylog2/metadata.rb:17
FC066: Ensure chef_version is set in metadata: graylog2/metadata.rb:1
FC069: Ensure standardized license defined in metadata: graylog2/metadata.rb:1
FC109: Use platform-specific package resources instead of provider property: graylog2/recipes/collector_sidecar.rb:25
FC109: Use platform-specific package resources instead of provider property: graylog2/recipes/default.rb:31
Run with Foodcritic Version 16.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
3.1.2 passed this metric
Testing File Metric
3.1.2 passed this metric
Version Tag Metric
3.1.2 passed this metric
3.1.2 passed this metric
3.1.2 passed this metric