Installation steps make no sense

[mminklet]

In 'The manual setup' section, am I wrong that there appears to be a big leap between downloading and untarring the graylog.tar file and adding to the conf and running it from there?

If I follow the steps word for word, I have a graylog folder in my home directory, a conf file at /etc/graylog/server/server.conf (the parent folders have nothing in them after /etc) and I'm starting the server by manually running a script in ~/graylog-1.0.1/bin

That's quite a dearth of information information there...and a none functioning setup? I'm more confused than anything that this is the full documentation on installing a well used application.

So then, moving onto the ubuntu 14.04 installation instructions, I run them as instructed and I am left with an apparently installed instance - but no init.d script is in existence and I can do service greylog-server and web start and they do something...but, I have no idea what is supposed to happen from here, the next section is about setting up elasticsearch, and then receiving logs.

I have no graylog-ctl, I have nothing at 127.0.0.1:9000

I'm usually pretty resourceful, but these seem so utterly confusing I have no idea what I'm meant to do. I originally followed this, and had something working, but followed the advice to update the application. https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04

Sadly there are no issues for v1 of graylog, all old versions. So this is even more confusing.

On top of that you say "It is important to remember that the quick setup app is not meant to create production ready setups. We strongly recommend to use one of the other installation methods for a Graylog setup that is intended to run in production." So I don't even see the point in that? Sorry to be pessimistic but I've spent hours trying to crawl through this documentation and I'm no where closer to having this installed. It was the same when installing older versions, really obscure dependencies buried in some stack exchange article from 2012.

[mminklet]

Ok the server and web interfaces are definitely running as processes, but I have no idea where to set up the interface conf, and if this is indeed all installed correctly. After going through the init script for the interface I found the /usr/share installation of graylog-web, and in there is the symlink to for the conf folder to the /etc/graylog/web/ foilder...but where do I set up , for example graylog2-server.uris="http://127.0.0.1:12900/"

is it still in where you say 'Open conf/graylog-web-interface.conf and set the two following variables' (in which case creating it did nothing after a restart) or should it go in another of the 4 conf files?

I've given up for today, I've wasted 6 hours on this. I would really appreciate someone giving me a hand.

[joschi]

Is there a reason you don't use the official DEB packages for Ubuntu Linux?

Those come with Upstart scripts to start/stop Graylog and the Graylog web interface.

I'm usually pretty resourceful, but these seem so utterly confusing I have no idea what I'm meant to do. I originally followed this, and had something working, but followed the advice to update the application. https://www.digitalocean.com/community/tutorials/how-to-install-graylog2-and-centralize-logs-on-ubuntu-14-04

This "tutorial" is very outdated and is using an ancient version of Graylog2. You probably shouldn't follow these instructions.

[mminklet]

I used the Ubuntu 14.04 deb package, is there another one? On 20 Mar 2015 09:10, "Jochen Schalanda" notifications@github.com wrote:

Is there a reason you don't use the official DEB packages for Ubuntu Linux?

Those come with Upstart scripts to start/stop Graylog and the Graylog web interface.

— Reply to this email directly or view it on GitHub https://github.com/Graylog2/documentation/issues/6#issuecomment-83960427 .

[mminklet]

Re the tutorial, I know it is that's why I am trying to upgrade. I've removed everything in that tutorial and installed everything fresh, as per the documentation. On 20 Mar 2015 09:11, "Michael Mallett" mike@generalpie.com wrote:

I used the Ubuntu 14.04 deb package, is there another one? On 20 Mar 2015 09:10, "Jochen Schalanda" notifications@github.com wrote:

Is there a reason you don't use the official DEB packages for Ubuntu Linux?

Those come with Upstart scripts to start/stop Graylog and the Graylog web interface.

— Reply to this email directly or view it on GitHub https://github.com/Graylog2/documentation/issues/6#issuecomment-83960427 .

[mminklet]

Perhaps I'm not clear. I tried the manual instructions, found it missing a large step and then moved onto the installation package steps for Ubuntu. Neither give me anything usable, I've tried going through the init script to find the binary but there still seems to be large chunks of information missing On 20 Mar 2015 09:14, "Michael Mallett" mike@generalpie.com wrote:

Re the tutorial, I know it is that's why I am trying to upgrade. I've removed everything in that tutorial and installed everything fresh, as per the documentation. On 20 Mar 2015 09:11, "Michael Mallett" mike@generalpie.com wrote:

I used the Ubuntu 14.04 deb package, is there another one? On 20 Mar 2015 09:10, "Jochen Schalanda" notifications@github.com wrote:

Is there a reason you don't use the official DEB packages for Ubuntu Linux?

Those come with Upstart scripts to start/stop Graylog and the Graylog web interface.

— Reply to this email directly or view it on GitHub https://github.com/Graylog2/documentation/issues/6#issuecomment-83960427 .

[joschi]

FWIW, the DEB and RPM packages are working quite well. Just install them, edit the files in /etc/graylog/ accordingly and start graylog-server and graylog-web-interface using the Upstart scripts (in case of Ubuntu).

Could you please point out the step where you got stuck?

[mminklet]

Yeah I figured out that you had to update the conf files, tho that in itself is confusingly placed in the documentation, in my opinion. I at least get an interface now, I was originally adding to a graylog-web-interface.conf file I created, as that is what the documentation says, again, disjointedly.

In the graylog-server logs I get: ERROR: Could not successfully connect to Elasticsearch, if you use multicast check that it is working in your network and that Elasticsearch is running properly and is reachable. Also check that the cluster.name setting is correct. The out put of curl -XGET 'http://localhost:9200/_cluster/health?pretty=true' is { "cluster_name" : "graylog2", "status" : "green", "timed_out" : false, "number_of_nodes" : 1, "number_of_data_nodes" : 1, "active_primary_shards" : 1, "active_shards" : 1, "relocating_shards" : 0, "initializing_shards" : 0, "unassigned_shards" : 0 }

I have tried adding this, tho this tip was from a much older version of elastic search so I have no idea if this still makes a difference (seemingly not) network.host: localhost network.bind_host: localhost network.publish_host: localhost network.host: localhost From a hint I found a while ago

I also tried the suggestion in here but nothing http://stackoverflow.com/questions/25581940/error-could-not-successfully-connect-to-elasticsearch-check-that-your-cluster

[mminklet]

Ok I found the last piece, adding this elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300

to server.conf

Running now.

[mminklet]

Can I contribute back to the documentation? I genuinely believe that now I have this up and running, your installation steps are confusingly fragmented.

[joschi]

@MichaelMallett You can create pull requests for the documentation at https://github.com/Graylog2/documentation