{"id":13780933,"url":"https://github.com/Graylog2/graylog2-cookbook","last_synced_at":"2025-05-11T14:34:19.581Z","repository":{"id":18532292,"uuid":"21732893","full_name":"Graylog2/graylog2-cookbook","owner":"Graylog2","description":"Chef recipes to deploy Graylog","archived":false,"fork":false,"pushed_at":"2023-04-12T05:45:15.000Z","size":439,"stargazers_count":51,"open_issues_count":5,"forks_count":49,"subscribers_count":29,"default_branch":"master","last_synced_at":"2025-05-01T00:37:12.708Z","etag":null,"topics":["chef","chef-cookbook","cookbook","cookbooks","graylog","log-analysis","log-management","logging"],"latest_commit_sha":null,"homepage":"https://www.graylog.org","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Graylog2.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2014-07-11T10:45:01.000Z","updated_at":"2024-08-26T17:19:31.000Z","dependencies_parsed_at":"2024-01-15T22:00:35.384Z","dependency_job_id":null,"html_url":"https://github.com/Graylog2/graylog2-cookbook","commit_stats":null,"previous_names":[],"tags_count":45,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog2-cookbook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog2-cookbook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog2-cookbook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog2-cookbook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Graylog2","download_url":"https://codeload.github.com/Graylog2/graylog2-cookbook/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253580225,"owners_count":21930905,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chef","chef-cookbook","cookbook","cookbooks","graylog","log-analysis","log-management","logging"],"created_at":"2024-08-03T18:01:21.266Z","updated_at":"2025-05-11T14:34:19.092Z","avatar_url":"https://github.com/Graylog2.png","language":"Ruby","readme":"Description\n-----------\nThis _Chef_ cookbook installs and configures the [Graylog](http://www.graylog.org) log management system.\n\nIt is using the official installation packages provided by [_Graylog, Inc._](http://www.graylog.com). It needs as requirement an installation of Java, [Elasticsearch](http://www.elasticsearch.org) and [MongoDB](https://www.mongodb.org).\n\nUsage\n-----\n\n### Quickstart\nTo give this cookbook a try simply use the Kitchen test suite.\n\n```\nkitchen setup openjdk-ubuntu-2004\nopen http://localhost:9000\nLogin with admin/admin\n```\n\n### Recipes\nThe cookbook contains several recipes for different installation setups. Pick only the recipes\nyou need for your environment.\n\n|Recipe             | Description |\n|:------------------|:------------|\n|default            |Setup the Graylog package repository|\n|server             |Install Graylog server|\n|authbind           |Give the Graylog user access to privileged ports like 514 (only on Ubuntu/Debian)|\n|sidecar            |Install Graylog sidecar|\n\nIn a minimal setup you need at least the _default_ and _server_ recipes. Combined with\nMongoDB and Elasticsearch, a run list might look like this:\n\n```\nrun_list \"recipe[elasticsearch]\",\n         \"recipe[mongodb]\",\n         \"recipe[graylog2]\",\n         \"recipe[graylog2::server]\"\n```\n\nPlease refer to Graylog's [System Requirements](https://docs.graylog.org/en/latest/pages/installation.html#system-requirements) for the appropriate versions of MongoDB and Elasticsearch.\n\n### Attributes\n\nYou _have_ to use a certain version of Elasticsearch for every Graylog Version, currently\nthis is 7.10.2. The cluster name should be 'graylog':\n\n```json\n  \"elasticsearch\": {\n    \"version\": \"7.10.2\",\n    \"cluster\": {\n      \"name\": \"graylog\"\n    }\n  }\n```\n\nGraylog itself needs a secret for encryption and a hashed password for the root user. By default this user is called _admin_.\n\nYou can create the secret with this shell command `pwgen -s 96 1`.\n\nThe password can be generated with `echo -n yourpassword | shasum -a 256 | awk '{print $1}'`\n\n```json\n  \"graylog2\": {\n    \"password_secret\": \"ZxUahiN48EFVJgzRTzGO2olFRmjmsvzybSf4YwBvn5x1asLUBPe8GHbOQTZ0jzuAB7dzrNPk3wCEH57PCZm23MHAET0G653G\",\n    \"root_password_sha2\": \"e3c652f0ba0b4801205814f8b6bc49672c4c74e25b497770bb89b22cdeb4e951\",\n    \"server\": {\n      \"java_opts\": \"-Djava.net.preferIPv4Stack=true\"\n    }\n  }\n```\n\nAlternatively, you can create an encrypted data bag and store the secrets there. The data should be called\n'secrets' with an item 'graylog'.\n\n```shell\nknife data bag create --secret-file ~/.chef/encrypted_data_bag_secret secrets graylog\n\n{\n  \"id\": \"graylog\",\n  \"server\": {\n    \"root_password_sha2\": \"\u003croot password as sha256\u003e\",\n    \"password_secret\": \"\u003crandom string as encryption salt\u003e\"\n  }\n}\n```\n\nYou can take a look into the attributes file under `attributes/default.rb` to get an idea\nwhat can be configured for Graylog.\n\n### Node discovery\nThe cookbook is able to use Chef's search to find Elasticsearch and other Graylog nodes. To configure\na dynamic cluster set the following attributes:\n\n#### Elasticsearch discovery\n\n```json\n  \"graylog2\": {\n    \"elasticsearch\": {\n      \"node_search_query\": \"role:elasticsearch\",\n      \"node_search_attribute\": \"ipaddress\"\n    }\n  }\n```\n\nIf you have multiple servers, one need to be set as a master. Use this attribute to do so:\n\n```\ndefault.graylog2[:ip_of_master] = node.ipaddress\n```\n\n### Running behind a NAT'ed public IP\n\nIf you are running Graylog behind a NAT, you will need to forward port 9000 to the outside as well as:\n\n```yaml\ngraylog2:\n  node['graylog2']['http']['external_uri']: \"http://yourgraylogserver.com:9000/\"\n```\n\nThe trailing slash is necessary and Graylog won't start without it.\n\nSee the [Graylog documentation](https://docs.graylog.org/en/latest/pages/configuration/web_interface.html) for more info.\n\n### Authbind\n\nUbuntu/Debian systems allow a user to bind a proccess to a certain privileged port below 1024.\nThis is called authbind and is supported by this cookbook. So it is possible to let Graylog listen on port 514 and act like a normal syslog server.\nTo enable this feature include the [authbind](https://supermarket.chef.io/cookbooks/authbind) cookbook to your run list and also the recipe\n`recipe[graylog2::authbind]` from this cookbook.\nBy default the recipe will give the Graylog user permission to bind to port 514 if you need more than that you can\nset the attribute `default.graylog2[:authorized_ports]` to an array of allowed ports.\n\n### Development and testing\n\nThe cookbook comes with unit and integration tests for Ubuntu/Debian/CentOS. You can run them by using Rake and Test Kitchen.\n\nUnit tests:\n\n```\n  $ bundle exec rake spec\n```\n\nIntegration tests:\n\n```\n  $ kitchen list\n  $ kitchen converge openjdk-ubuntu-2004\n  $ kitchen verify openjdk-ubuntu-2004\n```\n\nAdditionally you can verify the coding style by running RoboCop and Foodcritic.\n\nVerify Ruby syntax with RuboCop:\n\n```\n  $ bundle exec rake style:ruby\n```\n\nVerify Chef syntax with Foodcritic:\n\n```\n  $ bundle exec rake style:chef\n```\n\nLicense\n-------\n\nAuthor: Marius Sturm (\u003cmarius@graylog.com\u003e) and [contributors](http://github.com/graylog2/graylog2-cookbook/graphs/contributors)\n\nLicense: Apache 2.0\n","funding_links":[],"categories":["Cookbooks"],"sub_categories":["Logging/Monitoring"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGraylog2%2Fgraylog2-cookbook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FGraylog2%2Fgraylog2-cookbook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FGraylog2%2Fgraylog2-cookbook/lists"}