一、Graylog介绍
Graylog 是一款功能强大的日志管理和分析工具,广泛应用于集中化日志管理、实时监控与告警等领域。它为企业提供了一个全面的解决方案,帮助用户高效地收集、索引和分析来自各种数据源的日志信息。Graylog 支持通过插件扩展其功能,并拥有友好的用户界面,使得搜索、可视化及报告生成变得简单直观。此外,该平台还支持多种集成方式,允许与其他软件如LDAP、Active Directory等进行整合,增强用户认证和权限管理。
二、Graylog一键部署
docker-compose安装
Graylog部署
官方安装文档
- 官方部署文档:https://go2docs.graylog.org/current/downloading_and_installing_graylog/docker_installation.htm
- GitHub yaml文件:https://github.com/Graylog2/docker-compose
博主自定义yaml
- 建议大家先参考官方文档了解docker-compose里面的文件,博主对yaml进行了小的改动,比如镜像使用了国内的镜像源、把挂载卷去掉了,默认在docker-compose.yaml目录进行持久化至宿主机;
- 执行以下代码进行部署:
mkdir -p /data/graylog
vi docker-compose.yaml
# For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch.
# Please take a look at the README at the top of this repo or the regular docs for more info.
services:
# MongoDB: https://hub.docker.com/_/mongo/
mongodb:
image: "crpi-33mr80vehc50lqh8.cn-chengdu.personal.cr.aliyuncs.com/yunxinai/mongo:6.0"
restart: "on-failure"
networks:
- graylog
volumes:
- "./volumes/mongodb/data/db:/data/db"
- "./volumes/mongodb/data/configdb:/data/configdb"
# For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch.
# Please take a look at the README at the top of this repo or the regular docs for more info.
# Graylog Data Node: https://hub.docker.com/r/graylog/graylog-datanode
datanode:
image: "crpi-33mr80vehc50lqh8.cn-chengdu.personal.cr.aliyuncs.com/yunxinai/graylog-datanode:6.3.1"
hostname: "datanode"
environment:
GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id"
# GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value
GRAYLOG_DATANODE_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}"
GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog"
ulimits:
memlock:
hard: -1
soft: -1
nofile:
soft: 65536
hard: 65536
ports:
- "8999:8999/tcp" # DataNode API
- "9200:9200/tcp"
- "9300:9300/tcp"
networks