NF Post 12 : Starting up with Graylog

2001586155sefira / January 6, 2019

To begin, download the Graylog OVA file and import it into your virtual machine software. In this case, I use Oracle VirtualBox.

This might take a while. When it's finished, there will be a Graylog entry in your VM list. Select it and go to Settings before starting it, and change the network connection to NAT so that when it starts, there won't be a message that says 'Your appliance came up without a configured IP address. Graylog is probably not running correctly!'.

After that, start Graylog. Once it has booted, you'll see the IP address of the Graylog appliance, which can be opened in a browser.

Open that IP in your browser (in this case I use the browser inside my Kali Linux). Once it has opened, log in with username/password: 'admin', as you can see in the picture above.

Then you're all set up to play with Graylog. Now, to enable a client to send log data remotely, first log in to the client as root and create the file /etc/rsyslog.d/test/conf. The configuration should be like this:

Then, by typing tail -f /var/log/syslog /var/log/auth.log, you can try to monitor the logs on your log server. After that, type service rsyslog restart to restart the rsyslog service on the client.

On the /system/overview page in Graylog, you can see the activity.
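
For reference, one way a client-side rsyslog forwarding file for the steps above can look. This is an added example, not the configuration from the original post. It assumes the file name ends in .conf so that rsyslog's default include of /etc/rsyslog.d/*.conf loads it, that 192.0.2.10 stands in for the Graylog IP shown on the appliance console, and that a Syslog TCP input has been created in Graylog on port 1514.

```conf
# rsyslog drop-in on the client (added example; all values are assumptions).
#   192.0.2.10 : placeholder for the Graylog IP shown on the appliance console
#   1514/tcp   : assumed port of a Syslog TCP input created in Graylog

# Forward every facility and priority, so the same events that land in
# /var/log/syslog and /var/log/auth.log on the client also reach Graylog.
#
# protocol="tcp"  : delivery failures are noticed and retried, unlike UDP.
# template        : RFC 5424 format, so host, program name and timestamp
#                   arrive as separate fields.
# queue.*         : buffer messages on disk while Graylog is unreachable
#                   instead of dropping them or blocking local logging.
# resumeRetryCount="-1" : keep retrying the connection indefinitely.
*.* action(
    type="omfwd"
    target="192.0.2.10"
    port="1514"
    protocol="tcp"
    template="RSYSLOG_SyslogProtocol23Format"
    queue.type="LinkedList"
    queue.filename="graylog_fwd"
    queue.maxDiskSpace="256m"
    queue.saveOnShutdown="on"
    action.resumeRetryCount="-1"
)
```

Running rsyslogd -N1 checks the syntax before the service is restarted. Plain TCP syslog is unencrypted, so auth.log contents cross the network in clear text; that is acceptable on an isolated lab network like the one here, not on a shared one.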

 

 

 
