![642dae84995bcc2f5f43e679d964b43c.png](https://img-blog.csdnimg.cn/img_convert/642dae84995bcc2f5f43e679d964b43c.png)
1、创建并进入到用于存放Graylog配置文件的目录
mkdir -p /data/graylog/config && cd /data/graylog/config
2、下载Graylog配置文件
wget https://raw.githubusercontent.com/Graylog2/graylog-docker/2.4/config/graylog.confwget https://raw.githubusercontent.com/Graylog2/graylog-docker/2.4/config/log4j2.xml
3、修改graylog.conf配置文件如下信息:
# 修改管理员用户时区为上海时区
root_timezone = PRC
# 修改api-browser的IP地址为部署的服务器地址
rest_transport_uri = http://192.168.3.103:9000/api/
4、docker-compose.yml文件内容如下:
version: '2'services:# MongoDB: https://hub.docker.com/_/mongo/mongodb:image: mongo:3volumes:- /data/mongo:/data/dbcontainer_name: graylog_mongorestart: always# Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.htmlelasticsearch:image: elasticsearch:5.6.12-alpinevolumes:- /data/elasticsearch:/usr/share/elasticsearch/datacontainer_name: graylog_elasticsearchrestart: alwaysenvironment:- http.host=0.0.0.0- transport.host=localhost- network.host=0.0.0.0# Disable X-Pack security: https://www.elastic.co/guide/en/elasticsearch/reference/5.6/security-settings.html#general-security-settings- xpack.security.enabled=false- xpack.watcher.enabled=false- xpack.monitoring.enabled=false- xpack.security.audit.enabled=false- xpack.ml.enabled=false- xpack.graph.enabled=false- "ES_JAVA_OPTS=-Xms512m -Xmx512m"ulimits:memlock:soft: -1hard: -1mem_limit: 1g# Graylog: https://hub.docker.com/r/graylog/graylog/graylog:image: graylog/graylog:2.4volumes:- /data/graylog/journal:/usr/share/graylog/data/journal- /data/graylog/config:/usr/share/graylog/data/configcontainer_name: graylog_serverrestart: alwaysenvironment:# CHANGE ME!- GRAYLOG_PASSWORD_SECRET=somepasswordpepper# Password: admin- GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918# 修改IP地址为部署的服务器IP- GRAYLOG_WEB_ENDPOINT_URI=http://192.168.3.103:9000/api# 修改graylog服务器为上海时区- TZ=PRClinks:- mongodb:mongo- elasticsearchdepends_on:- mongodb- elasticsearchports:# Graylog web interface and REST API- 9000:9000# GELF UDP- 5140:5140/udp
5、运行命令启动Graylog
docker-compose up -d
6、启动完成后,打开浏览器访问http://192.168.3.103:9000即可看到登陆界面,帐号密码均为:admin
PS: docker-compose.yml文件跟官网的有一定的出入,使用官网的配置文件,指定目录挂载Elasticsearch镜像的volume后无法启动,启动抛出异常,更换成alpine版本的elasticsearch:5.6.12启动正常。
![04d9b52efeaead035d8bc8de47a8ea35.png](https://img-blog.csdnimg.cn/img_convert/04d9b52efeaead035d8bc8de47a8ea35.png)