https://github.com/rolehippie/graylog
Ansible role to install and configure a Graylog centralized logging server
https://github.com/rolehippie/graylog
ansible ansible-role hacktoberfest role
Last synced: 4 months ago
JSON representation
Ansible role to install and configure a Graylog centralized logging server
- Host: GitHub
- URL: https://github.com/rolehippie/graylog
- Owner: rolehippie
- License: apache-2.0
- Created: 2021-03-03T09:38:06.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2026-02-23T08:45:37.000Z (4 months ago)
- Last Synced: 2026-02-23T17:25:05.346Z (4 months ago)
- Topics: ansible, ansible-role, hacktoberfest, role
- Language: Jinja
- Homepage:
- Size: 409 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# graylog
[](https://github.com/rolehippie/graylog)
[](https://github.com/rolehippie/graylog/actions/workflows/general.yml)
[](https://github.com/rolehippie/graylog/actions/workflows/docs.yml)
[](https://github.com/rolehippie/graylog/actions/workflows/galaxy.yml)
[](https://github.com/rolehippie/graylog/blob/master/LICENSE)
[](https://galaxy.ansible.com/rolehippie/graylog)
Ansible role to install and configure a Graylog centralized logging server.
## Sponsor
Building and improving this Ansible role have been sponsored by my current and previous employers like **[Cloudpunks GmbH](https://cloudpunks.de)** and **[Proact Deutschland GmbH](https://www.proact.eu)**.
## Table of contents
- [Requirements](#requirements)
- [Default Variables](#default-variables)
- [graylog_allow_highlighting](#graylog_allow_highlighting)
- [graylog_allow_leading_wildcard_searches](#graylog_allow_leading_wildcard_searches)
- [graylog_async_eventbus_processors](#graylog_async_eventbus_processors)
- [graylog_command_wrapper](#graylog_command_wrapper)
- [graylog_default_plugins](#graylog_default_plugins)
- [graylog_elasticsearch_hosts](#graylog_elasticsearch_hosts)
- [graylog_enable_enterprise](#graylog_enable_enterprise)
- [graylog_enterprise_packages](#graylog_enterprise_packages)
- [graylog_extra_config](#graylog_extra_config)
- [graylog_extra_plugins](#graylog_extra_plugins)
- [graylog_group](#graylog_group)
- [graylog_http_bind_address](#graylog_http_bind_address)
- [graylog_http_enable_cors](#graylog_http_enable_cors)
- [graylog_http_enable_gzip](#graylog_http_enable_gzip)
- [graylog_http_max_header_size](#graylog_http_max_header_size)
- [graylog_http_publish_uri](#graylog_http_publish_uri)
- [graylog_http_thread_pool_size](#graylog_http_thread_pool_size)
- [graylog_initial_heap_space](#graylog_initial_heap_space)
- [graylog_inputbuffer_processors](#graylog_inputbuffer_processors)
- [graylog_inputbuffer_ring_size](#graylog_inputbuffer_ring_size)
- [graylog_inputbuffer_wait_strategy](#graylog_inputbuffer_wait_strategy)
- [graylog_is_master](#graylog_is_master)
- [graylog_java_opts](#graylog_java_opts)
- [graylog_logs_path](#graylog_logs_path)
- [graylog_maximum_heap_space](#graylog_maximum_heap_space)
- [graylog_message_journal_enabled](#graylog_message_journal_enabled)
- [graylog_message_journal_flush_age](#graylog_message_journal_flush_age)
- [graylog_message_journal_flush_interval](#graylog_message_journal_flush_interval)
- [graylog_message_journal_max_age](#graylog_message_journal_max_age)
- [graylog_message_journal_max_size](#graylog_message_journal_max_size)
- [graylog_message_journal_segment_age](#graylog_message_journal_segment_age)
- [graylog_message_journal_segment_size](#graylog_message_journal_segment_size)
- [graylog_minor_version](#graylog_minor_version)
- [graylog_mongodb_uri](#graylog_mongodb_uri)
- [graylog_mongodb_uris](#graylog_mongodb_uris)
- [graylog_node_id](#graylog_node_id)
- [graylog_oauth2_allowed_groups](#graylog_oauth2_allowed_groups)
- [graylog_oauth2_arch](#graylog_oauth2_arch)
- [graylog_oauth2_client_id](#graylog_oauth2_client_id)
- [graylog_oauth2_client_secret](#graylog_oauth2_client_secret)
- [graylog_oauth2_cookie_secret](#graylog_oauth2_cookie_secret)
- [graylog_oauth2_download](#graylog_oauth2_download)
- [graylog_oauth2_enabled](#graylog_oauth2_enabled)
- [graylog_oauth2_keycloak_url](#graylog_oauth2_keycloak_url)
- [graylog_oauth2_listen_address](#graylog_oauth2_listen_address)
- [graylog_oauth2_provider](#graylog_oauth2_provider)
- [graylog_oauth2_static_groups](#graylog_oauth2_static_groups)
- [graylog_oauth2_static_users](#graylog_oauth2_static_users)
- [graylog_oauth2_upstream](#graylog_oauth2_upstream)
- [graylog_oauth2_version](#graylog_oauth2_version)
- [graylog_openjdk_version](#graylog_openjdk_version)
- [graylog_output_batch_size](#graylog_output_batch_size)
- [graylog_output_fault_count_threshold](#graylog_output_fault_count_threshold)
- [graylog_output_fault_penalty_seconds](#graylog_output_fault_penalty_seconds)
- [graylog_output_flush_interval](#graylog_output_flush_interval)
- [graylog_outputbuffer_processors](#graylog_outputbuffer_processors)
- [graylog_password_secret](#graylog_password_secret)
- [graylog_processbuffer_processors](#graylog_processbuffer_processors)
- [graylog_processor_wait_strategy](#graylog_processor_wait_strategy)
- [graylog_ring_size](#graylog_ring_size)
- [graylog_root_email](#graylog_root_email)
- [graylog_root_password](#graylog_root_password)
- [graylog_root_timezone](#graylog_root_timezone)
- [graylog_root_username](#graylog_root_username)
- [graylog_server_args](#graylog_server_args)
- [graylog_server_version](#graylog_server_version)
- [graylog_standard_packages](#graylog_standard_packages)
- [graylog_storage_path](#graylog_storage_path)
- [graylog_transport_email_auth_password](#graylog_transport_email_auth_password)
- [graylog_transport_email_auth_username](#graylog_transport_email_auth_username)
- [graylog_transport_email_enabled](#graylog_transport_email_enabled)
- [graylog_transport_email_from_email](#graylog_transport_email_from_email)
- [graylog_transport_email_hostname](#graylog_transport_email_hostname)
- [graylog_transport_email_port](#graylog_transport_email_port)
- [graylog_transport_email_subject_prefix](#graylog_transport_email_subject_prefix)
- [graylog_transport_email_use_auth](#graylog_transport_email_use_auth)
- [graylog_transport_email_use_ssl](#graylog_transport_email_use_ssl)
- [graylog_transport_email_use_tls](#graylog_transport_email_use_tls)
- [graylog_transport_email_web_interface_url](#graylog_transport_email_web_interface_url)
- [graylog_trusted_proxies](#graylog_trusted_proxies)
- [graylog_user](#graylog_user)
- [http_external_uri](#http_external_uri)
- [Discovered Tags](#discovered-tags)
- [Dependencies](#dependencies)
- [License](#license)
- [Author](#author)
---
## Requirements
- Minimum Ansible version: `2.10`
## Default Variables
### graylog_allow_highlighting
Allow searches to be highlighted
#### Default value
```YAML
graylog_allow_highlighting: true
```
### graylog_allow_leading_wildcard_searches
Allow searches with leading wildcards
#### Default value
```YAML
graylog_allow_leading_wildcard_searches: true
```
### graylog_async_eventbus_processors
Number of threads used exclusively for dispatching internal events
#### Default value
```YAML
graylog_async_eventbus_processors: 2
```
### graylog_command_wrapper
Program that will be used to wrap the graylog-server command
#### Default value
```YAML
graylog_command_wrapper:
```
### graylog_default_plugins
List of default plugins to install
#### Default value
```YAML
graylog_default_plugins: []
```
#### Example usage
```YAML
graylog_default_plugins:
- name: graylog-plugin1
url: https://example.com/graylog-plugin1.jar
type: jar
- name: graylog-plugin2
url: https://example.com/graylog-plugin2.jar
type: jar
state: absent
- name: graylog-plugin3
url: https://example.com/graylog-plugin3-1.0.0.deb
type: deb
state: present
- name: graylog-plugin4
url: https://example.com/graylog-plugin4-1.3.3.deb
type: deb
state: absent
```
### graylog_elasticsearch_hosts
List of Elasticsearch hosts Graylog should connect to
#### Default value
```YAML
graylog_elasticsearch_hosts:
- http://localhost:9200
```
### graylog_enable_enterprise
Enable the installation of enterprise plugins
#### Default value
```YAML
graylog_enable_enterprise: false
```
### graylog_enterprise_packages
Package list for enterprise Graylog server
#### Default value
```YAML
graylog_enterprise_packages:
- graylog-enterprise={{ graylog_server_version }}*
- "{{ 'graylog-enterprise-integrations-plugins=' + graylog_server_version + '*'
if graylog_server_version is version('5.0.0', '<') else omit }}"
- "{{ 'graylog-enterprise-plugins=' + graylog_server_version + '*' if graylog_server_version
is version('5.0.0', '<') else omit }}"
```
### graylog_extra_config
Free text for of additional config appended to server config
#### Default value
```YAML
graylog_extra_config:
```
### graylog_extra_plugins
List of extra plugins to install
#### Default value
```YAML
graylog_extra_plugins: []
```
#### Example usage
```YAML
graylog_extra_plugins:
- name: graylog-plugin1
url: https://example.com/graylog-plugin1.jar
type: jar
- name: graylog-plugin2
url: https://example.com/graylog-plugin2.jar
type: jar
state: absent
- name: graylog-plugin3
url: https://example.com/graylog-plugin3-1.0.0.deb
type: deb
state: present
- name: graylog-plugin4
url: https://example.com/graylog-plugin4-1.3.3.deb
type: deb
state: absent
```
### graylog_group
Name of the group owning Elasticsearch
#### Default value
```YAML
graylog_group: graylog
```
### graylog_http_bind_address
Network interface used by the Graylog HTTP interface
#### Default value
```YAML
graylog_http_bind_address: 0.0.0.0:9000
```
### graylog_http_enable_cors
Enable CORS headers for HTTP interface
#### Default value
```YAML
graylog_http_enable_cors: true
```
### graylog_http_enable_gzip
Enable GZIP support for HTTP interface
#### Default value
```YAML
graylog_http_enable_gzip: true
```
### graylog_http_max_header_size
Maximum size of the HTTP request headers in bytes
#### Default value
```YAML
graylog_http_max_header_size: 8192
```
### graylog_http_publish_uri
Public URI of Graylog which will be used by the Graylog web interface
#### Default value
```YAML
graylog_http_publish_uri: http://{{ ansible_default_ipv4.address }}:9000/
```
### graylog_http_thread_pool_size
Size of the thread pool used exclusively for serving the HTTP interface
#### Default value
```YAML
graylog_http_thread_pool_size: 16
```
### graylog_initial_heap_space
Represents the initial size of total heap space
#### Default value
```YAML
graylog_initial_heap_space: 1g
```
### graylog_inputbuffer_processors
Number of parallel running input buffer processors
#### Default value
```YAML
graylog_inputbuffer_processors: 2
```
### graylog_inputbuffer_ring_size
Input buffer ring size
#### Default value
```YAML
graylog_inputbuffer_ring_size: 65536
```
### graylog_inputbuffer_wait_strategy
Input buffer wait strategy
#### Default value
```YAML
graylog_inputbuffer_wait_strategy: blocking
```
### graylog_is_master
Define if this server acts as a Graylog master node
#### Default value
```YAML
graylog_is_master: true
```
### graylog_java_opts
Java options used by Graylog service
#### Default value
```YAML
graylog_java_opts: -server -XX:+UseG1GC -XX:-OmitStackTraceInFastThrow
-Djdk.tls.acknowledgeCloseNotify=true -Dlog4j2.formatMsgNoLookups=true
```
### graylog_logs_path
Path to the logs directory
#### Default value
```YAML
graylog_logs_path: /var/log/graylog-server
```
### graylog_maximum_heap_space
Represents the maximum size of total heap space
#### Default value
```YAML
graylog_maximum_heap_space: 1g
```
### graylog_message_journal_enabled
Enable the disk based message journal
#### Default value
```YAML
graylog_message_journal_enabled: true
```
### graylog_message_journal_flush_age
General flush age for journal messages
#### Default value
```YAML
graylog_message_journal_flush_age: 1m
```
### graylog_message_journal_flush_interval
Journal flush interval
#### Default value
```YAML
graylog_message_journal_flush_interval: 1000000
```
### graylog_message_journal_max_age
Max age of journal messages before written to elasticsearch
#### Default value
```YAML
graylog_message_journal_max_age: 12h
```
### graylog_message_journal_max_size
Max size of journal messages before written to elasticsearch
#### Default value
```YAML
graylog_message_journal_max_size: 5gb
```
### graylog_message_journal_segment_age
Journal segment age
#### Default value
```YAML
graylog_message_journal_segment_age: 1h
```
### graylog_message_journal_segment_size
Journal segment size
#### Default value
```YAML
graylog_message_journal_segment_size: 100m
```
### graylog_minor_version
Minor version used for repo selection
#### Default value
```YAML
graylog_minor_version: "{{ graylog_server_version.split('.')[0] }}.{{ graylog_server_version.split('.')[1]
}}"
```
### graylog_mongodb_uri
#### Default value
```YAML
graylog_mongodb_uri: mongodb://localhost:27017/graylog
```
### graylog_mongodb_uris
MongoDB connection string
### graylog_node_id
Node ID for the Graylog server instance
#### Default value
```YAML
graylog_node_id: '{{ ansible_hostname | to_uuid }}'
```
### graylog_oauth2_allowed_groups
List of groups to allow access
#### Default value
```YAML
graylog_oauth2_allowed_groups: []
```
#### Example usage
```YAML
graylog_oauth2_allowed_groups:
- /Group1
- /Group2
- /Group3
```
### graylog_oauth2_arch
Target system architecture of the binary
#### Default value
```YAML
graylog_oauth2_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' or ansible_architecture
== 'arm64' else 'amd64' }}"
```
### graylog_oauth2_client_id
Client ID for OAuth2 authentication
#### Default value
```YAML
graylog_oauth2_client_id:
```
### graylog_oauth2_client_secret
Client secret for OAuth2 authentication
#### Default value
```YAML
graylog_oauth2_client_secret:
```
### graylog_oauth2_cookie_secret
Cookie secret used by OAuth2 proxy
#### Default value
```YAML
graylog_oauth2_cookie_secret:
```
### graylog_oauth2_download
#### Default value
```YAML
graylog_oauth2_download:
https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v{{
graylog_oauth2_version }}/oauth2-proxy-v{{ graylog_oauth2_version }}.linux-{{
graylog_oauth2_arch }}.tar.gz
```
### graylog_oauth2_enabled
URL of the OAuth2 Proxy to download
#### Default value
```YAML
graylog_oauth2_enabled: false
```
### graylog_oauth2_keycloak_url
URL of the Keycloak realm
#### Default value
```YAML
graylog_oauth2_keycloak_url:
```
### graylog_oauth2_listen_address
Listem address for the OAuth2 proxy
#### Default value
```YAML
graylog_oauth2_listen_address: 0.0.0.0:9001
```
### graylog_oauth2_provider
Provider for OAuth2 authentication
#### Default value
```YAML
graylog_oauth2_provider: keycloak
```
### graylog_oauth2_static_groups
List of groups assigned to static users
#### Default value
```YAML
graylog_oauth2_static_groups: []
```
### graylog_oauth2_static_users
List of users to allow access
#### Default value
```YAML
graylog_oauth2_static_users: []
```
#### Example usage
```YAML
graylog_oauth2_static_users:
- username: username1
password: p455w0rd
- username: username2
password: p455w0rd
- username: username3
password: p455w0rd
```
### graylog_oauth2_upstream
Upstream target for the OAuth2 proxy
#### Default value
```YAML
graylog_oauth2_upstream: http://{{ graylog_http_bind_address }}
```
### graylog_oauth2_version
Version of the OAuth2 Proxy to download
#### Default value
```YAML
graylog_oauth2_version: 7.14.3
```
### graylog_openjdk_version
Version OpenJDK to install
#### Default value
```YAML
graylog_openjdk_version: 21
```
### graylog_output_batch_size
Batch size for the Elasticsearch output
#### Default value
```YAML
graylog_output_batch_size: 500
```
### graylog_output_fault_count_threshold
Output fault count threshold
#### Default value
```YAML
graylog_output_fault_count_threshold: 5
```
### graylog_output_fault_penalty_seconds
Output fault penalty seconds
#### Default value
```YAML
graylog_output_fault_penalty_seconds: 30
```
### graylog_output_flush_interval
Flush interval (in seconds) for the Elasticsearch output
#### Default value
```YAML
graylog_output_flush_interval: 1
```
### graylog_outputbuffer_processors
Number of parallel running output buffer processors
#### Default value
```YAML
graylog_outputbuffer_processors: 3
```
### graylog_password_secret
Secret used to encrypt values and sessions, generate it with "pwgen -N 1 -s 96"
#### Default value
```YAML
graylog_password_secret:
```
### graylog_processbuffer_processors
Number of parallel running process buffer processors
#### Default value
```YAML
graylog_processbuffer_processors: 5
```
### graylog_processor_wait_strategy
Wait strategy describing how buffer processors wait on a cursor sequence
#### Default value
```YAML
graylog_processor_wait_strategy: blocking
```
### graylog_ring_size
Size of internal ring buffers
#### Default value
```YAML
graylog_ring_size: 65536
```
### graylog_root_email
Email for the general admin user
#### Default value
```YAML
graylog_root_email:
```
### graylog_root_password
Password for the general admin user, got to be sha256 hash
#### Default value
```YAML
graylog_root_password:
8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
```
### graylog_root_timezone
Timezone for the general admin user
#### Default value
```YAML
graylog_root_timezone: UTC
```
### graylog_root_username
Username for the general admin user
#### Default value
```YAML
graylog_root_username: admin
```
### graylog_server_args
Pass some extra args to graylog-server command
#### Default value
```YAML
graylog_server_args:
```
### graylog_server_version
Version of Graylog that gets installed
#### Default value
```YAML
graylog_server_version: 7.0.4
```
### graylog_standard_packages
Package list for regular Graylog server
#### Default value
```YAML
graylog_standard_packages:
- graylog-server={{ graylog_server_version }}*
- "{{ 'graylog-integrations-plugins=' + graylog_server_version + '*' if graylog_server_version
is version('5.0.0', '<') else omit }}"
```
### graylog_storage_path
Path to the storage directory
#### Default value
```YAML
graylog_storage_path: /var/lib/graylog-server
```
### graylog_transport_email_auth_password
Password for email transport
#### Default value
```YAML
graylog_transport_email_auth_password:
```
### graylog_transport_email_auth_username
Username for email transport
#### Default value
```YAML
graylog_transport_email_auth_username:
```
### graylog_transport_email_enabled
Enable email transport
#### Default value
```YAML
graylog_transport_email_enabled: false
```
### graylog_transport_email_from_email
Sender address used for email transport
#### Default value
```YAML
graylog_transport_email_from_email: graylog@example.com
```
### graylog_transport_email_hostname
Hostname for email transport
#### Default value
```YAML
graylog_transport_email_hostname: mail.example.com
```
### graylog_transport_email_port
Port for email transport
#### Default value
```YAML
graylog_transport_email_port: 587
```
### graylog_transport_email_subject_prefix
Subject prefix used for email transport
#### Default value
```YAML
graylog_transport_email_subject_prefix: '[graylog]'
```
### graylog_transport_email_use_auth
Use authentication for email transport
#### Default value
```YAML
graylog_transport_email_use_auth: true
```
### graylog_transport_email_use_ssl
Use SSL (SMTPS) for email transport
#### Default value
```YAML
graylog_transport_email_use_ssl: false
```
### graylog_transport_email_use_tls
Use STARTTLS for email transport
#### Default value
```YAML
graylog_transport_email_use_tls: true
```
### graylog_transport_email_web_interface_url
URL used within emails to access the streams
#### Default value
```YAML
graylog_transport_email_web_interface_url: '{{ http_external_uri }}'
```
### graylog_trusted_proxies
List of trusted proxy IPs or networks
#### Default value
```YAML
graylog_trusted_proxies: []
```
### graylog_user
Name of the user owning Elasticsearch
#### Default value
```YAML
graylog_user: graylog
```
### http_external_uri
#### Default value
```YAML
http_external_uri: '{{ graylog_http_publish_uri }}'
```
#### Example usage
```YAML
http_external_uri: https://graylog.example.com
```
## Discovered Tags
**_graylog_**
**_oauth2_**
## Dependencies
- [rolehippie.mongodb](https://github.com/rolehippie/mongodb)
- [rolehippie.elasticsearch](https://github.com/rolehippie/elasticsearch)
- [community.general](https://github.com/ansible-collections/community.general)
## License
Apache-2.0
## Author
[Thomas Boerger](https://github.com/tboerger)