graylog 4.0 的新特性還是比較多的,比較事件通知的處理上更明確了,新的界面,同時支持es 7
以下是一個簡單的docker-compose 運行環境說明,可以體驗新版本的特性
docker-compose 文件
version: '2'
services:
mongodb:
image: mongo:4.2
elasticsearch:
image: amazon/opendistro-for-elasticsearch:1.13.2
ports:
- "9200:9200"
environment:
- "discovery.type=single-node"
- "http.host=0.0.0.0"
- "opendistro_security.ssl.http.enabled=false"
- "cluster.name=odfe-cluster"
- "transport.host=0.0.0.0"
- "network.host=0.0.0.0"
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
graylog:
image: graylog/graylog:4.0
environment:
# CHANGE ME (must be at least 16 characters)!
- GRAYLOG_PASSWORD_SECRET=somepasswordpepper
- GRAYLOG_ELASTICSEARCH_HOSTS=http://admin:admin@elasticsearch:9200
# Password: admin
- GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
- GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9000/
entrypoint: /usr/bin/tini -- /docker-entrypoint.sh
links:
- mongodb:mongo
- elasticsearch
restart: always
depends_on:
- mongodb
- elasticsearch
ports:
# Graylog web interface and REST API
- 9000:9000
# Syslog TCP
- 1514:1514
# Syslog UDP
- 1514:1514/udp
# GELF TCP
- 12201:12201
# GELF UDP
- 12201:12201/udp
參考新界面
