Graylog2 - A scalable open source centralized logging system
Posted on 14-11-2017 by Nadir Latif
Recently I had the chanceÂ of installing and configuring an open source centralized logging system called Graylog2
. This blog post describes my experience with using Graylog2. Graylog2 is an excellent log management system. It is based on well known open source tools such as Mongodb
.Â It allows I.T administrators to collect logging information from almost any source, including Linux and Windows computers.
Graylog2 works by collecting log messages from different sources. The log messages are saved in a central database. This database is queried and the query results are displayed on a nice web interface. Alerts can be configured that notify the administrator in case certain terms appear in search logs.
Graylog2 installation is very simple. It requires a Linux server with Java. Graylog2 provides package repositories for Debian, Ubuntu and Centos based Linux distributions.
Installing Graylog2 is as simple as installing the package repository and then entering the command: "yum install graylog2-server graylog2-web" on Centos and "apt-get install graylog2-server graylog2-web" on Debian and Ubuntu.
After installation a few fields need to be changed in the Graylog2 configuration files and thats all!. The installation is described in the Graylog2 documentation
Graylog2 is a scalable logging system that can handle Terabytes of data. The standard Graylog2 installation involves 2 main components graylog2-server and graylog2-web. Large scale deployments of Graylog2 are more complex and involve a component called Graylog2-radio. This is a message buffer that supports caching of log messages. It also supports message queuingÂ applications such as Kafka
Â and Â AMQP