A saltstack formula that can be used to manage graylog installations on RHEL based systems using a package or tar file.
You must be running elasticsearch and mongodb to use Graylog.
Formulas exist to help with installation and management of the necessary GELP stack components, which are; a firewall, elasticsearch, and mongodb at a bare minimum.
firewall-formula https://github.com/alias454/firewall-formula
elasticsearch-formula https://github.com/alias454/elasticsearch-formula
mongodb-formula https://github.com/alias454/mongodb-formula
If using mongo authentication configure a DB in mongo first. Requires the mongodb-formula to include correct mongodb states or one can manually created the appropriate database and user.
Note
See the full Salt Formulas installation and usage instructions.
Manage repo file and GPG key on RHEL/CentOS 7 systems
Install graylog and additional prerequisite packages or configure user, files, and folders if installing from a tar file
Manage 3rd party Graylog plugins
To use this formula for managing 3rd party graylog plugins cd to the files directory (Something like /srv/salt/graylog/files) and use wget to download the jar files.
Manage configuration file placement
Sets up the graylog service and makes sure it is running on RHEL/CentOS 7 systems
Optionally setup firewalld rules for graylog inputs, the web interface, and disable iptables Requires the firewall-formula or another method of managing the firewalld service