• Stars
    star
    320
  • Rank 131,126 (Top 3 %)
  • Language
    Shell
  • License
    Apache License 2.0
  • Created over 7 years ago
  • Updated 12 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Official Graylog Docker image

Graylog Docker Image

Docker Stars Docker Pulls

The latest stable version of Graylog is 5.1.2.

What is Graylog?

Graylog is a centralized logging solution that enables aggregating and searching through logs. It provides a powerful query language, a processing pipeline for data transformation, alerting abilities, and much more. It is fully extensible through a REST API. Add-ons can be downloaded from the Graylog Marketplace.

Image Details

There are images for the linux/amd64 and linux/arm64 platforms available. All images are based on the latest Eclipse Temurin image (JRE + Ubuntu LTS variant) available at build time.

graylog/graylog

This is the open source Graylog image. It contains Graylog as well as the Integrations plugin.

Java Version Platform Tags
OpenJDK 17 linux/amd64, linux/arm64 5.1, 5.1.2, 5.1.2-1

Note: There is no 'latest' tag. You'll need to specify which version you want.

graylog/graylog-enterprise

This is the Graylog Enterprise image. It contains Graylog, the Graylog Enterprise plugin, the Integrations plugin, and the Enterprise Integrations plugin.

Java Version Platform Tags
OpenJDK 17 linux/amd64, linux/arm64 5.1, 5.1.2, 5.1.2-1

graylog/graylog-forwarder

This image runs the Graylog Forwarder. Documentation on the Forwarder can be found here.

The latest stable version is 5.1, with support for Java 17 on platform linux/amd64 and linux/arm64.

Java Version Platform Tags
OpenJDK 17 linux/amd64, linux/arm64 5.1, forwarder-5.1-2

Architecture

Take a look at the minimal Graylog architecture to get the big picture of a Graylog setup. In essence, Graylog needs to talk to MongoDB to store configuration data as well as Elasticsearch to store the actual log data.

Configuration

Please refer to the Graylog Docker documentation for a comprehensive overview and detailed description of the Graylog Docker image.

If you want to quickly spin up an instance for testing, you can use our Docker Compose template.

Notably, this image requires that two important configuration options be set (although in practice you will likely need to set more):

  1. password_secret (environment variable GRAYLOG_PASSWORD_SECRET)
    • A secret that is used for password encryption and salting.
    • Must be at least 16 characters, however using at least 64 characters is strongly recommended.
    • Must be the same on all Graylog nodes in the cluster.
    • May be generated with something like: pwgen -N 1 -s 96
  2. root_password_sha2 (environment variable GRAYLOG_ROOT_PASSWORD_SHA2)
    • A SHA2 hash of a password you will use for your initial login as Graylog's root user.
      • The default username is admin. This value is customizable via configuration option root_username (environment variable GRAYLOG_ROOT_USERNAME).
    • In general, these credentials will only be needed to initially set up the system or reconfigure the system in the event of an authentication backend failure.
    • This password cannot be changed using the API or via the Web interface.
    • May be generated with something like: echo -n "Enter Password: " && head -1 </dev/stdin | tr -d '\n' | sha256sum | cut -d" " -f1

Every Graylog configuration option can be set via environment variable. To get the environment variable name for a given configuration option, simply prefix the option name with GRAYLOG_ and put it all in upper case. Another option is to store the configuration file outside of the container and edit it directly.

This image includes the wait-for-it script, which allows you to have Docker wait for Elasticsearch to start up before starting Graylog. For example, if you are using Docker Compose you could override the entrypoint for Graylog like this:

entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh

Documentation

Documentation for Graylog is hosted here. Please read through the docs and familiarize yourself with the functionality before opening an issue on GitHub.

License

Graylog itself is licensed under the Server Side Public License (SSPL), see license information.

This Docker image is licensed under the Apache 2.0 license, see LICENSE.

More Repositories

1

graylog2-server

Free and open log management
Java
6,877
star
2

docker-compose

A set of Docker Compose files that allow you to quickly spin up a Graylog instance for testing or demo purposes.
Shell
281
star
3

collector-sidecar

Manage log collectors through Graylog
Go
254
star
4

graylog2-images

Ready to run machine images
Shell
234
star
5

graylog-ansible-role

Ansible role which installs and configures Graylog
Jinja
208
star
6

documentation

Archived Graylog documentation. See https://docs.graylog.org/ for the new documentation.
Python
147
star
7

graylog-plugin-threatintel

Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases
Java
145
star
8

graylog-plugin-aws

Several bundled Graylog plugins to integrate with different AWS services like CloudTrail and FlowLogs.
Java
90
star
9

graylog-guide-syslog-linux

How to send syslog from Linux systems into Graylog
77
star
10

graylog2-cookbook

Chef recipes to deploy Graylog
Ruby
49
star
11

graylog-plugin-auth-sso

SSO support for Graylog through trusted HTTP headers set by load balancers or authentication proxies
Java
48
star
12

graylog-guide-ubiquity-unify-ap

How to receive and parse Ubiquity Unify Access Point logs with Graylog
44
star
13

graylog-plugin-netflow

[DEPRECATED] Graylog NetFlow plugin
Java
37
star
14

gelfclient

GELF client library for Java based on Netty 4
Java
34
star
15

graylog-guide-rails

Guide about how to get Ruby On Rails logs into Graylog
26
star
16

graylog-guide-snort

How to send structured Snort IDS alert logs into Graylog
25
star
17

graylog-project

Packaging/development helper for Graylog
Shell
22
star
18

JadConfig

Annotation-driven configuration library for the Java programming language
Java
22
star
19

graylog-project-cli

CLI tool for graylog-project
Go
21
star
20

graylog-guide-syslog-kafka

This Guide will give you little help on using Graylog with Kafka Input to get Syslog Data
21
star
21

graylog-plugin-pipeline-processor

[DEPRECATED] Graylog Pipeline Message Processor Plugins
Java
20
star
22

graylog-plugin-beats

[DEPRECATED] Elastic Beats Input plugin for Graylog
Java
19
star
23

fpm-recipes

Graylog package build recipes
Ruby
18
star
24

graylog-guide-windows-eventlog

How to send Windows EventLogs into Graylog
18
star
25

graylog-plugin-collector

Collector plugin for Graylog
JavaScript
14
star
26

omnibus-graylog2

[DEPRECATED] Omnibus package for Graylog
Ruby
13
star
27

graylog-s3-lambda

An AWS Lambda function that reads logs from S3 and sends them to Graylog
Java
12
star
28

graylog-plugin-integrations

A collection of open source Graylog integrations that will be released together.
Java
12
star
29

graylog-guide-ossec

How to write OSSEC alerts into Graylog
11
star
30

graylog-plugin-sample

Sample plugin for Graylog 2.0 including web ui parts.
Java
11
star
31

graylog-plugin-cef

[DEPRECATED] CEF (Common Event Format) input plugin for Graylog
Java
10
star
32

graylog-guide-syslog-amqp

How to use send Syslog messages via AMQP to Graylog
9
star
33

puppet-graylog

Install and configure a Graylog system via Puppet
Puppet
9
star
34

frontend-documentation

Graylog frontend documentation and component gallery
Shell
6
star
35

graylog-plugin-map-widget

[DEPRECATED] Map widget for Graylog
Java
6
star
36

graylog-guide-docker

[DEPRECATED] Guide about how to get Docker logs into Graylog
5
star
37

graylog-schema

Repository for Graylog Schema files and Documentation
Python
2
star
38

graylog-plugin-anonymous-usage-statistics

[DEPRECATED] Plugin to collect anonymous usage statistics of Graylog
Java
2
star
39

build-environments

Environments for automated builds and tests
Dockerfile
2
star
40

graylog-training-data

Houses public facing Graylog Academy Training data for course specific purposes
Shell
1
star
41

illuminate-documentation

HTML
1
star
42

graylog-guide-chef

Chef handler to send events to Graylog via GELF HTTP
Ruby
1
star
43

sawmill-sd

sd design system
TypeScript
1
star
44

graylog-plugin-enterprise-integration

[DEPRECATED] Basic integration with Graylog Enterprise
Java
1
star
45

ctf-handbook

HTML
1
star