February 19, 20233 yr hello i'm looking something to log networks on my home network I have edgerouter ER4 and I cannot check whats website people on my network check I found Graylog, and try install and runn , but i have a problem I try this : https://whitematter.tech/posts/run-graylog-with-docker-compose-on-unraid/ - does work for me, after installation I cannot connect to "my ip unraid:9000" - nothing or try install Graylog via app, but its does work Any one know how to install this ?
March 4, 20233 yr I came here looking for help on this. First my password was too short. Now It's having permission issues. and I'm not sure how to correct it. 2023-03-04 13:30:39,433 ERROR: org.graylog2.shared.journal.LocalKafkaJournal - Cannot access offset file: Permission denied 2023-03-04 13:30:39,462 ERROR: org.graylog2.shared.journal.LocalKafkaJournal - Cannot access offset file: Permission denied 2023-03-04 13:30:39,671 INFO : org.graylog2.shared.buffers.InputBufferImpl - Message journal is enabled. 2023-03-04 13:30:39,673 ERROR: org.graylog2.shared.journal.LocalKafkaJournal - Cannot access offset file: Permission denied 2023-03-04 13:30:39,769 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Unknown host 'elasticsearch: Name or service not known'. - Unknown host 'elasticsearch: Name or service not known'. 2023-03-04 13:30:44,773 ERROR: org.graylog2.storage.versionprobe.VersionProbe - Unable to retrieve version from Elasticsearch node: Unknown host 'elasticsearch'. - Unknown host 'elasticsearch'. @Maniek2as2 what is in your graylog-graylog-1 log file?
May 25, 20233 yr I also have been fighting with trying to get graylog working in an Unraid docker. Seems to be a combinations of many problems with how ALL the current dockers seem to be built. For starters, you need other services up and running for Graylog to work. That being elasticsearch and mongodb. I have not gotten any of the three docker containers to actually install and 'just work'. File permissions are trying to run as root, instead of nobody, on all the containers. There also seem to be some version restrictions betweeh what version of graylog you use and what version of elasticsearch works with it. Not sure if that is the only problems, but it seems like it may be worth trying to create a container that just includes all three services rolled up together - unfortunatly, I don't know enough about any of them to take this on.
May 26, 20233 yr So, just tried the above linked compose method and ended up with the same errors as @GTvert90 . I don't feel that this particular service should be so strangely difficult to get running.
May 26, 20233 yr quick update - it seems the errors I was seeing were due to folder permissions. For some reason the folders that the containers create don't get set with permissions that those same containers can access. chmod 777'ing them got the containers to all start up.. I think.. so far... now to actually learn how to USE graylog...
December 4, 20232 yr On 5/26/2023 at 5:06 AM, CraziFuzzy said: quick update - it seems the errors I was seeing were due to folder permissions. For some reason the folders that the containers create don't get set with permissions that those same containers can access. chmod 777'ing them got the containers to all start up.. I think.. so far... now to actually learn how to USE graylog... How has it been for you? I am struggling to setup graylog also but all the guides I follow seem to be outdated or not have any fixes for the numerous issues I see.
June 6, 20242 yr On 5/26/2023 at 4:06 PM, CraziFuzzy said: quick update - it seems the errors I was seeing were due to folder permissions. For some reason the folders that the containers create don't get set with permissions that those same containers can access. chmod 777'ing them got the containers to all start up.. I think.. so far... now to actually learn how to USE graylog... Unfortunately doing a chmod to 777 on the folders didn't work for me. I still get the errors with the container not being able to change permissions. It's such a strange thing for it to get hung up on.
July 3, 20242 yr So, from what I see the .yml is hard coded with the user 'graylog'. Create this user and then edit the graylog container and take a look at the "more settings" > appdata path. I noticed that in some places the container author misspelled 'gray' as 'grey' in the app data set path once you view the edit config of the appdata path. You may also need to: chown -R graylog:users /mnt/user/appdata/graylog/ chmod -R 755 /mnt/user/appdata/graylog/
August 10, 20241 yr graylog user is 1100:1100, so setting this to the folders recursively solved my issue. chown -R 1100:1100 /mnt/user/appdata/graylog/ Reference here: https://go2docs.graylog.org/current/downloading_and_installing_graylog/docker_installation.htm Edited August 10, 20241 yr by Skylinar Add reference
June 25, 20251 yr On 8/10/2024 at 2:38 AM, Skylinar said:graylog user is 1100:1100, so setting this to the folders recursively solved my issue. chown -R 1100:1100 /mnt/user/appdata/graylog/ Reference here:https://go2docs.graylog.org/current/downloading_and_installing_graylog/docker_installation.htmThanks used the compose file from there.Came up finally with those paths and compose file:# For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch. # Please take a look at the README at the top of this repo or the regular docs for more info. services: # MongoDB: https://hub.docker.com/_/mongo/ mongodb: image: "mongo:6.0" restart: "on-failure" networks: - graylog volumes: - "/mnt/user/appdata/graymongo/mongodb_data:/data/db" - "/mnt/user/appdata/graymongo/mongodb_config:/data/configdb" # For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch. # Please take a look at the README at the top of this repo or the regular docs for more info. # Graylog Data Node: https://hub.docker.com/r/graylog/graylog-datanode datanode: image: "${DATANODE_IMAGE:-graylog/graylog-datanode:6.1}" hostname: "datanode" environment: GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id" # GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value GRAYLOG_DATANODE_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}" GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog" ulimits: memlock: hard: -1 soft: -1 nofile: soft: 65536 hard: 65536 ports: - "8999:8999/tcp" # DataNode API - "9200:9200/tcp" - "9300:9300/tcp" networks: - graylog volumes: - "/mnt/user/appdata/graylog/graylog-datanode:/var/lib/graylog-datanode" restart: "on-failure" # Graylog: https://hub.docker.com/r/graylog/graylog-enterprise graylog: hostname: "server" image: "${GRAYLOG_IMAGE:-graylog/graylog:6.1}" depends_on: mongodb: condition: "service_started" datanode: condition: "service_started" entrypoint: "/usr/bin/tini -- /docker-entrypoint.sh" environment: GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/data/node-id" # GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value GRAYLOG_PASSWORD_SECRET: "${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}" GRAYLOG_ROOT_PASSWORD_SHA2: "${GRAYLOG_ROOT_PASSWORD_SHA2:?Please configure GRAYLOG_ROOT_PASSWORD_SHA2 in the .env file}" GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000" GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/" GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog" ports: - "5044:5044/tcp" # Beats - "5140:5140/udp" # Syslog - "5140:5140/tcp" # Syslog - "5555:5555/tcp" # RAW TCP - "5555:5555/udp" # RAW UDP - "9009:9000/tcp" # Server API - "12201:12201/tcp" # GELF TCP - "12201:12201/udp" # GELF UDP #- "10000:10000/tcp" # Custom TCP port #- "10000:10000/udp" # Custom UDP port - "13301:13301/tcp" # Forwarder data - "13302:13302/tcp" # Forwarder config networks: - graylog volumes: - "/mnt/user/appdata/graylog/graylog_data:/usr/share/graylog/data/data" restart: "on-failure" networks: graylog: driver: "bridge" volumes: mongodb_data: mongodb_config: graylog-datanode: graylog_data: Edited June 25, 20251 yr by mastervol
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.