Skip to content

Graylog2/graylog-ansible-role

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

450 Commits
.github/workflows
.github/workflows
 
 
defaults
defaults
 
 
docs
docs
 
 
handlers
handlers
 
 
meta
meta
 
 
molecule
molecule
 
 
scripts
scripts
 
 
tasks
tasks
 
 
templates
templates
 
 
vars
vars
 
 
.ansible-lint
.ansible-lint
 
 
.gitignore
.gitignore
 
 
.yamllint
.yamllint
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Galaxy CI Ansible Ansible Ansible

Graylog Ansible Role

Requirements

  • Ansible 11.2.0
  • Python 3.12
  • At least 4gb of memory on the target instance.
    • Linux
      • Currently tested against:
        • Ubuntu 18.04
        • Ubuntu 20.04
        • Ubuntu 22.04
        • Ubuntu 24.04
        • Centos 7
        • Centos 8
        • Centos 9

To install the role, run:

ansible-galaxy install graylog2.graylog

Dependencies

Graylog has the following dependencies:

  • Java
  • OpenSearch
  • MongoDB

See the official Graylog documentation for more details on these requirements.

Be certain you are running a supported version of OpenSearch.

Compatibility Matrix

Graylog version 3.x 4.x 5.x 6.x
Elasticsearch 5-6 6.8 - 7.10 6.8 - 7.10 n/a
OpenSearch 1.x* 1.x - 2.x 1.x - 2.x
*Graylog 4.3.x introduces support for OpenSearch.

Refer to the Software Interoperability Chart

You will need to these Ansible role dependencies:

To install it, run:

ansible-galaxy install -r <GRAYLOG ROLE_DIRECTORY>/requirements.yml

Example Playbook

Here is an example playbook that uses this role. This is a single-instance configuration. It installs Java, MongoDB, Elasticsearch, and Graylog onto the same server.

    # Graylog vars
    graylog_version: 6.1
    graylog_install_java: True
    graylog_password_secret: "" # Insert your own here. Generate with: pwgen -s 96 1
    graylog_root_password_sha2: "" # Insert your own root_password_sha2 here.
    graylog_http_bind_address: "{{ ansible_default_ipv4.address }}:9000"
    graylog_http_publish_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
    graylog_http_external_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
    graylog_install_open_package: True
    graylog_install_enterprise_package: False

  roles:
    - role: "graylog2.graylog"
      tags:
        - "graylog"

Remember to generate a unique password_secret and root_password_sha2 for your instance.

To generate password_secret:

pwgen -s 96 1

To generate root_password_sha2:

  echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1

Example Playbook - Cluster

Here is an example that deploys a Graylog cluster, like the one mentioned on the architecture page of our documentation.

In our Ansible hosts file, we have 3 instances for a Graylog cluster:

[graylog]
graylog01
graylog02
graylog03

First, deploy an OpenSearch cluster.

Next, deploy three MongoDB instances and configure them as a Replica Set. This can be done with the MongoDB community collection.

These MongoDB instances can live on the Graylog servers, as they are not expected to consume much resources.

Again, this doesn't configure authentication in MongoDB. You may want that for a production cluster.

- hosts: "graylog"
  vars:
    mongodb_version: "4.4"
    bind_ip: "0.0.0.0"
    repl_set_name: "rs0"
    authorization: "disabled"
  roles:
    - community.mongodb.mongodb_repository
    - community.mongodb.mongodb_mongod
  tasks:
    - name: "Start MongoDB"
      service:
        name: "mongod"
        state: "started"
        enabled: "yes"

- hosts: "graylog01"
  tasks:
    - name: "Install PyMongo"
      apt:
        update_cache: yes
        name: "python3-pymongo"
        state: "latest"
    - name: Configure replicaset
      community.mongodb.mongodb_replicaset:
        login_host: "localhost"
        replica_set: "rs0"
        members:
        - graylog01
        - graylog02
        - graylog03

Finally, install Graylog.

- hosts: "graylog"
  vars:
    graylog_is_master: "{{ True if ansible_hostname == 'graylog01' else False }}"
    graylog_version: 6.1
    graylog_install_java: False
    graylog_password_secret: "" # Insert your own here. Generate with: pwgen -s 96 1
    graylog_root_password_sha2: "" # Insert your own root_password_sha2 here.
    graylog_http_bind_address: "{{ ansible_default_ipv4.address }}:9000"
    graylog_http_publish_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
    graylog_http_external_uri: "http://{{ ansible_default_ipv4.address }}:9000/"
    graylog_elasticsearch_hosts: "http://elasticsearch01:9200,http://elasticsearch02:9200,http://elasticsearch03:9200"
    graylog_mongodb_uri: "mongodb://graylog01:27017,graylog02:27017,graylog03:27017/graylog"

  roles:
    - role: "graylog2.graylog"

The full example can be seen here. Our documentation has more in-depth advice on configuring a multi-node Graylog setup.

Role Variables

A list of all available role variables is documented here.

Testing

We run smoke tests for Graylog using this role. Documentation on that can be found here

Author Information

Author: Graylog and contributors

License

Apache 2.0

About

Ansible role which installs and configures Graylog

Topics

ansible ansible-playbook log-analysis graylog logging ansible-role playbook log-management ansible-galaxy

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

213 stars

Watchers

34 watching

Forks

127 forks
Report repository

Releases 11

4.0.0 Latest
Feb 14, 2025
+ 10 releases

Packages

No packages published

Contributors 41
+ 27 contributors

Languages