Tips-Of-Mine/Graylog
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add install-Gaylog-v5.0.sh

Browse Source
This commit is contained in:
Hubert Cornet 2024-12-06 10:39:32 +01:00
parent 6533e48cb1
commit 201d0978f3
1 changed files with 140 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
install-Gaylog-v5.0.sh Normal file
View File

@ -0,0 +1,140 @@
#!/bin/bash
echo "[+] Verification des droits d acces a ROOT"
if [ "$EUID" -ne 0 ];then
echo "Veuillez executer ce script en tant que ROOT"
exit 1
fi
echo "[+] Regler le redemarrage sur automatique pour eviter les pop ups de redemarrage"
sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
echo "[+] Verification des mises a jour"
apt-get update
apt-get full-upgrade -y
echo "[+] Definition du nombre maximum de fichiers pour opensearch"
sysctl -w vm.max_map_count=262144
echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
echo "[+] Installation des depenbdancies"
apt install dirmngr gnupg apt-transport-https ca-certificates software-properties-common -y
apt install apt-transport-https uuid-runtime pwgen net-tools gnupg curl dirmngr -y
echo "[+] Installation de MongoDB"
wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | apt-key add -
echo "deb http://repo.mongodb.org/apt/debian bullseye/mongodb-org/6.0 main" | tee /etc/apt/sources.list.d/mongodb-org-6.0.list
apt update
apt install -y mongodb-org
echo "[+] Demarrer de Mongod"
systemctl daemon-reload
systemctl enable mongod
systemctl restart mongod
systemctl --type=service --state=active | grep mongod
echo "[+] Desactivation de la prise en charge des pages volumineuses"
cat > /etc/systemd/system/disable-transparent-huge-pages.service <<EOF
Description=Disable Transparent Huge Pages (THP)
DefaultDependencies=no
After=sysinit.target local-fs.target
[Service]
Type=oneshot
ExecStart=/bin/sh -c 'echo never | tee /sys/kernel/mm/transparent_hugepage/enabled > /dev/null'
[Install]
WantedBy=basic.target
EOF
echo "[+] Demarrer de Disable-transparent-huge-pages"
systemctl daemon-reload
systemctl enable disable-transparent-huge-pages.service
systemctl start disable-transparent-huge-pages.service
echo "[+] Creation utilisateur Opensearch"
adduser --system --disabled-password --disabled-login --home /var/empty --no-create-home --quiet --force-badname --group opensearch
echo "[+] Installion Opensearch"
curl -o- https://artifacts.opensearch.org/publickeys/opensearch.pgp | apt-key add -
echo "deb https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" | tee -a /etc/apt/sources.list.d/opensearch-2.x.list
apt update
apt install opensearch=2.5.0
echo "[+] Sauvegarde d opensearch et creation d un nouvel opensearch pour Graylog"
cp /etc/opensearch/opensearch.yml /etc/opensearch/opensearch.yml.bak
rm /etc/opensearch/opensearch.yml
touch /etc/opensearch/opensearch.yml
chown opensearch:opensearch /etc/opensearch/opensearch.yml
chmod 2750 /etc/opensearch/opensearch.yml
cat > /etc/opensearch/opensearch.yml <<EOF
cluster.name: graylog
node.name: ${HOSTNAME}
path.data: /var/lib/opensearch
path.logs: /var/log/opensearch
discovery.type: single-node
#network.host: 0.0.0.0
action.auto_create_index: false
plugins.security.disabled: true
EOF
echo "[+] Demarrer de Opensearch"
systemctl daemon-reload
systemctl enable opensearch.service
systemctl start opensearch.service
echo "[+] Installion Elasticsearch "
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-7.x.list
apt update
apt install elasticsearch=7.10.2
echo "[+] Configuration Elasticsearch"
echo "cluster.name: graylog" | tee /etc/elasticsearch/elasticsearch.yml
echo "[+] Installion Graylog"
wget https://packages.graylog2.org/repo/packages/graylog-5.0-repository_latest.deb
dpkg -i graylog-5.0-repository_latest.deb
apt update
apt install graylog-server -y
echo "[+] Configuration Graylog"
cp /etc/graylog/server/server.conf /etc/graylog/server/server.conf.bak
PASSWORDSECRET=`pwgen -N 1 -s 96`
echo -n "Entrer un mot de passe pour le compte admin de l interface Web : "
read passwd
PASSWORDADMIN=`echo $passwd| tr -d '\n' | sha256sum | cut -d" " -f1`
echo "Le mot de passe genere est : " $PASSWORDSECRET
echo "Le hachage de l administrateur genere est : " $PASSWORDADMIN
echo "[+] Ajustement du fichier de configuration du serveur Graylog"
CONFIGSECRET=`echo "password_secret = "$PASSWORDSECRET`
CONFIGADMIN=`echo "root_password_sha2 = "$PASSWORDADMIN`
echo "[+] Remplacement dans les fichiers de configuration"
sed -r "s/password_secret =/${CONFIGSECRET}/g" -i /etc/graylog/server/server.conf
sed -r "s/root_password_sha2 =/${CONFIGADMIN}/g" -i /etc/graylog/server/server.conf
sed -i 's/#http_bind_address = 127.0.0.1:9000/http_bind_address = 0.0.0.0:9000/g' /etc/graylog/server/server.conf
echo "[+] Desactivation des controles de version de Graylog"
echo "versionchecks = false" >> /etc/graylog/server/server.conf
echo "[+] Demarrer de Graylog"
systemctl daemon-reload
systemctl enable graylog-server.service
systemctl restart graylog-server.service
echo "#######################################################################################"
echo "## ##"
echo "## Definissez les options de memoire de la JVM pour votre serveur comme suit ##"
echo "## ##"
echo "## /etc/default/graylog-server ##"
echo "## /opt/graylog/opensearch/config/jvm.options.d ##"
echo "## ##"
echo "## Apres la configuration, redemarrer Opensearch et Graylog ##"
echo "## ##"
echo "#######################################################################################"