Public | Automated Build

Last pushed: 2 years ago
Short Description
Short description is empty for this repo.
Full Description

graylog2-docker

Debian-based, self-contained graylog2 image. Can run standalone or backed by an existing elasticsearch cluter.

Using It

To get started quickly with an embedded elasticsearch instance, do this:


docker run -d -p 9000:9000 -p 514:514 -p 12201:12201 jamescarr/graylog2-docker

To get it rolling with an existing elasticsearch cluster


docker run -d -p 9000:9000 -p 514:514 -p 12201:12201 -e ES_CLUSTER_NAME=<cluster_name> -e ES_CLUSTER_HOSTS=cluster01:9300,cluster02:9300 jamescarr/graylog2-docker

The username/password to the web interface is admin/admin. You can
override the password with the GRAYLOG2_ADMIN_PASSWORD environment
variable.

Configuration

Environment Variables

  • ES_CLUSTER_NAME - the name of the elasticsearch cluster this graylog2 instance should join
  • ES_CLUSTER_HOSTS - comma separated string of host/port combinations that graylog2 should attempt to connect to. This will get plugged into elasticsearch_discovery_zen_ping_unicast_hosts in the graylog2.conf
  • CORS_ENABLED - Enable CORS
  • GRAYLOG2_ES_PLUGINS - comma separated list of elasticsearch plugins
    to include. Will install on first run. (e.g.
    GRAYLOG2_ES_PLUGINS=elasticsearch/elasticsearch-cloud-aws/1.6.0,lmenezes/elasticsearch-kopf/0.9.0)
  • GRAYLOG2_ADMIN_PASSWORD - Sets the admin password for graylog2, must
    already be sha256 hashed. Do this in a console: echo $(echo -n clever | sha256sum | awk '{print $1}')
  • GRAYLOG2_ADMIN_USER - Sets the admin password for graylog2
  • GRAYLOG2_REST_TRANSPORT_URI - sets the rest_transport_uri

Graylog Elasticsearch Configuration

You can also define any number of vairables to tune the definition of
the embedded graylog2 elasticsearch instance as well. These are defined
with the prefix gec. and written when the elasticsearch
configuration file is generated.

For example, say we want to enable the http interface, host it on port
9500 and specify the plugin path:

-e gec.http.port=9500 -e gec.http.enabled=true -e gec.path.plugins=/opt/graylog2-server/plugins

This will generate the following configuration file:

http.enabled: true
http.port: 9500
path.plugins: /opt/graylog2-server/plugins
Docker Pull Command
Owner
jamescarr
Source Repository

Comments (9)
peterkneale
2 years ago

Sorry but same experience as the below comments, it restarts every second the web ui says "The web interface was unable to connect to any Graylog2 node in the cluster so far."

dagrevis
3 years ago

Sorry, but it's still not working and restarting all the time.

2014-11-20 12:40:37,496 INFO spawned: 'graylog2-server' with pid 367
2014-11-20 12:40:38,497 INFO success: graylog2-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-11-20 12:41:07,709 INFO exited: graylog2-server (exit status 1; not expected)
2014-11-20 12:41:08,711 INFO spawned: 'graylog2-server' with pid 383
...

Also, web interface says “No Graylog2 servers available.“.

zapier
3 years ago

Sorry everyone... I made changes for our setup (which connects to an existing cluster) and as a result broke when it runs stand alone. Fixed!

slavavishnyakov
3 years ago

Having the same problem
the web app on port 9000 tels me No Graylog2 servers available. Cannot log in..

jamescarr
3 years ago

Sorry there were some issues with the versions I had published previously. The latest release should fix this.

alex4xfers
3 years ago

Getting the same problem. running docker logs on the container shows that the graylog2-server seems to be constantly exiting and restarting:

/usr/lib/python2.7/dist-packages/supervisor/options.py:295: UserWarning: Supervisord is running as root and it is searching for its configuration file in default locations (including its current working directory); you probably want to specify a "-c" argument specifying an absolute path to a configuration file for improved security.
'Supervisord is running as root and it is searching '
2014-07-18 15:41:33,049 CRIT Supervisor running as root (no user in config file)
2014-07-18 15:41:33,050 WARN Included extra file "/etc/supervisor/conf.d/supervisord-graylog.conf" during parsing
2014-07-18 15:41:33,116 INFO RPC interface 'supervisor' initialized
2014-07-18 15:41:33,117 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2014-07-18 15:41:33,117 INFO supervisord started with pid 11
2014-07-18 15:41:34,122 INFO spawned: 'mongodb' with pid 14
2014-07-18 15:41:34,128 INFO spawned: 'graylog2-server' with pid 15
2014-07-18 15:41:34,142 INFO spawned: 'graylog2-web-interface' with pid 16
2014-07-18 15:41:34,145 INFO spawned: 'sshd' with pid 18
2014-07-18 15:41:34,155 INFO spawned: 'elasticsearch' with pid 19
2014-07-18 15:41:35,882 INFO success: mongodb entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:41:35,882 INFO success: graylog2-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:41:35,882 INFO success: graylog2-web-interface entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:41:35,882 INFO success: sshd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:41:35,882 INFO success: elasticsearch entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:42:05,126 INFO exited: graylog2-server (exit status 1; not expected)
2014-07-18 15:42:06,029 INFO spawned: 'graylog2-server' with pid 160
2014-07-18 15:42:07,032 INFO success: graylog2-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:42:36,824 INFO exited: graylog2-server (exit status 1; not expected)
2014-07-18 15:42:37,828 INFO spawned: 'graylog2-server' with pid 186
2014-07-18 15:42:38,831 INFO success: graylog2-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:43:08,656 INFO exited: graylog2-server (exit status 1; not expected)
2014-07-18 15:43:09,660 INFO spawned: 'graylog2-server' with pid 204
2014-07-18 15:43:10,662 INFO success: graylog2-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2014-07-18 15:43:40,470 INFO exited: graylog2-server (exit status 1; not expected)
2014-07-18 15:43:41,206 INFO spawned: 'graylog2-server' with pid 220
2014-07-18 15:43:42,209 INFO success: graylog2-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

reiz
3 years ago

I just started this container with:

docker run -d -p 9000:9000 -p 514:514 -p 12201:12201 jamescarr/graylog2

But the web app on port 9000 tels me No Graylog2 servers available. Cannot log in..

reiz
3 years ago

For what is the port 514? I couldn't find it in the Dockerfile.

reiz
3 years ago

There is a type in the first example line. Instead of

docker run -d -p 9000:9000 -p 514:514 -p 12201:12201 jamescarr/graylog2-docker

It should be

docker run -d -p 9000:9000 -p 514:514 -p 12201:12201 jamescarr/graylog2