Graylog2 on Ubuntu

ubuntu-graylog2.sh

## Sets up Graylog2 on Ubuntu

# Variables
ELASTICACHE_VERSION=0.90.10
GRAYLOG2_VERSION=0.20.6
GRAYLOG2_WEB_VERSION=0.20.6
GRAYLOG2_PORT=12900
GRAYLOG2_WEB_PORT=9000
PASSWORD=password

# Setup repos
apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
echo 'deb http://downloads-distro.mongodb.org/repo/debian-sysvinit dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list
add-apt-repository -y ppa:webupd8team/java

# Install required programs
apt-get -y update
apt-get -y install mongodb-org
apt-get install -y openjdk-7-jdk

# Install Elasticsearch
wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-${ELASTICACHE_VERSION}.deb
dpkg -i elasticsearch-${ELASTICACHE_VERSION}.deb
sed -i 's/# cluster.name: .*/cluster.name: graylog2/' /etc/elasticsearch/elasticsearch.yml
sed -i 's/# network.bind_host: .*/network.bind_host: '`ifconfig eth0 | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}'`'/' /etc/elasticsearch/elasticsearch.yml
service elasticsearch restart

# Install Graylog2
wget https://github.com/Graylog2/graylog2-server/releases/download/${GRAYLOG2_VERSION}/graylog2-server-${GRAYLOG2_VERSION}.tgz -O /opt/graylog2-server-${GRAYLOG2_VERSION}.tgz
tar xvf /opt/graylog2-server-${GRAYLOG2_VERSION}.tgz -C /opt
ln -s /opt/graylog2-server-${GRAYLOG2_VERSION} /opt/graylog2-server
cp /opt/graylog2-server/graylog2.conf.example /etc/graylog2.conf
apt-get install -y pwgen

# Configure graylog2.conf
sed -i 's/password_secret =.*/password_secret = '`pwgen -s 128 1`'/' /etc/graylog2.conf
sed -i 's/root_password_sha2 =.*/root_password_sha2 = '`echo -n ${PASSWORD} | shasum -a 256 | awk '{print $1}'`'/' /etc/graylog2.conf
sed -i "s/#rest_transport_uri = .*/rest_transport_uri = http:\/\/127.0.0.1:${GRAYLOG2_PORT}/" /etc/graylog2.conf
sed -i 's/elasticsearch_shards = .*/elasticsearch_shards = 1/' /etc/graylog2.conf

# Configure GrayLog2 start up
cp /opt/graylog2-server/bin/graylog2ctl /etc/init.d/graylog2
sed -i 's/GRAYLOG2_SERVER_JAR=.*/GRAYLOG2_SERVER_JAR=\/opt\/graylog2-server\/graylog2-server.jar/' /etc/init.d/graylog2
sed -i 's/LOG_FILE=.*/LOG_FILE=\/var\/log\/graylog2-server.log/' /etc/init.d/graylog2
update-rc.d graylog2 defaults

# Download and configure the web interface
wget https://github.com/Graylog2/graylog2-web-interface/releases/download/${GRAYLOG2_WEB_VERSION}/graylog2-web-interface-${GRAYLOG2_WEB_VERSION}.tgz -O /opt/graylog2-web-interface-${GRAYLOG2_WEB_VERSION}.tgz
tar xvf /opt/graylog2-web-interface-${GRAYLOG2_WEB_VERSION}.tgz -C /opt
ln -s /opt/graylog2-web-interface-${GRAYLOG2_WEB_VERSION} /opt/graylog2-web-interface
sed -i 's/application\.secret=.*/application\.secret="'`pwgen -s 128 1`'"/' /opt/graylog2-web-interface/conf/graylog2-web-interface.conf
sed -i "s/graylog2-server.uris=.*/graylog2-server.uris=\"http:\/\/127.0.0.1:${GRAYLOG2_PORT}\/\"/" /opt/graylog2-web-interface/conf/graylog2-web-interface.conf

# Setup startup script for GrayLog2 web interface
wget https://assets.digitalocean.com/articles/graylog2/graylog2-web -O /opt/graylog2-web
cp /opt/graylog2-web /etc/init.d/
chown root:root /etc/init.d/graylog2-web
chmod 755 /etc/init.d/graylog2-web
update-rc.d graylog2-web defaults

# Start GrayLog2
service graylog2 start

# Start GrayLog2 web interface
service graylog2-web start

# Clean up
rm /opt/graylog2-web