Below is the Docker Compose script to setup Graylog. Copy and paste this then make a new Project with this script. The default password I used was changeme123 but I strongly encourage you to generate your own SHA256 hash and replace the "GRAYLOG_ROOT_PASSWORD_SHA2" field with it.
Once it has been build and is running, you must go into the graylog-1 container and open the log. At the top it should have a randomly generated username and password that is needed for a pre-install configuration page available on port 9000.
Note, for this to work on Synology you MUST have this environmental variable as included below:
opensearch.bootstrap.system_call_filter: false
# For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch.# Please take a look at the README at the top of this repo or the regular docs for more info.
services: # MongoDB: https://hub.docker.com/_/mongo/ mongodb: image: "mongo:7.0.21" restart: "on-failure" networks: - graylog volumes: - "mongodb_data:/data/db" - "mongodb_config:/data/configdb"
# For DataNode setup, graylog starts with a preflight UI, this is a change from just using OpenSearch/Elasticsearch. # Please take a look at the README at the top of this repo or the regular docs for more info. # Graylog Data Node: https://hub.docker.com/r/graylog/graylog-datanode datanode: image: "${DATANODE_IMAGE:-graylog/graylog-datanode:6.3.1}" hostname: "datanode" environment: GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id" # GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value GRAYLOG_DATANODE_PASSWORD_SECRET: "27566328401b278558782c47432b2fc788045d8b87dbd7563b48b3e4d36fbd87" GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog" opensearch.bootstrap.system_call_filter: false ulimits: memlock: hard: -1 soft: -1 nofile: soft: 65536 hard: 65536 ports: - "8999:8999/tcp" # DataNode API - "9200:9200/tcp" - "9300:9300/tcp" networks: - graylog volumes: - "graylog-datanode:/var/lib/graylog-datanode" restart: "on-failure"
# Graylog: https://hub.docker.com/r/graylog/graylog-enterprise graylog: hostname: "server" image: "${GRAYLOG_IMAGE:-graylog/graylog:6.3.1}" depends_on: mongodb: condition: "service_started" datanode: condition: "service_started" entrypoint: "/usr/bin/tini -- /docker-entrypoint.sh" environment: GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/data/node-id" # GRAYLOG_DATANODE_PASSWORD_SECRET and GRAYLOG_PASSWORD_SECRET MUST be the same value GRAYLOG_PASSWORD_SECRET: "27566328401b278558782c47432b2fc788045d8b87dbd7563b48b3e4d36fbd87" GRAYLOG_ROOT_PASSWORD_SHA2: "494a715f7e9b4071aca61bac42ca858a309524e5864f0920030862a4ae7589be" GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000" GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/" GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog" ports: - "5044:5044/tcp" # Beats - "5140:5140/udp" # Syslog - "5140:5140/tcp" # Syslog - "5555:5555/tcp" # RAW TCP - "5555:5555/udp" # RAW UDP - "9000:9000/tcp" # Server API - "12201:12201/tcp" # GELF TCP - "12201:12201/udp" # GELF UDP #- "10000:10000/tcp" # Custom TCP port #- "10000:10000/udp" # Custom UDP port - "13301:13301/tcp" # Forwarder data - "13302:13302/tcp" # Forwarder config networks: - graylog volumes: - "graylog_data:/usr/share/graylog/data/data" restart: "on-failure"
networks: graylog: driver: "bridge"
volumes: mongodb_data: mongodb_config: graylog-datanode: graylog_data: