1

I am trying to make local setup of graylog 4 with elasticsearch 7 and mongo 4 using docker-compose. I am working on mac. Here is my docker-compose.yml: https://gist.github.com/gandra/dc649b37e165d8e3fc5b20c30a8b5a79

After running:

docker-compose up -d --build

I can not see any data on http://localhost:9000/ When open that url I see :

localhost didn’t send any data.
ERR_EMPTY_RESPONSE

Any idea how to make it working?

gandra404
  • 5,727
  • 10
  • 52
  • 76

2 Answers2

2

Here's the configuration I'm using in my project to get it working (compose v3).

  ###################################
  # Greylog container logging start #
  ###################################
  # Taken from https://docs.graylog.org/en/4.0/pages/installation/docker.html
  # MongoDB: https://hub.docker.com/_/mongo/
  mongo:
    image: mongo:4.2
  # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
    environment:
      - http.host=0.0.0.0
      - transport.host=localhost
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    deploy:
      resources:
        limits:
          memory: 1g
  # Graylog: https://hub.docker.com/r/graylog/graylog/
  graylog:
    image: graylog/graylog:4.0
    environment:
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      # Password: admin
      - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
      - GRAYLOG_HTTP_EXTERNAL_URI=http://127.0.0.1:9000/
    entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 --  /docker-entrypoint.sh
    restart: always
    depends_on:
      - mongo
      - elasticsearch
    ports:
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp
  ###################################
  # Greylog container logging end   #
  ###################################

I will say, this took a fair bit of time to start. The output logs ran awhile while Graylog, MongoDB, and Elastisearch did their setup work. At the end of it, though, it did eventually become available (took about a full two minutes). Until it was ready, though, I saw the same response that you did.

Aron Beal
  • 36
  • 2
0

Graylog does not support Elasticsearch versions 7.11 or greater, so you'll need to change the Elasticsearch version to 7.10.2. Beyond that, what are you seeing in Graylog's server.log?

Rob Curtis
  • 1
  • Didn't work with elasticsearch 7.10.2. Here is log: https://gist.github.com/gandra/eb4ce2e59868ea2b2e99e0ab1b5fe3d7#file-graylog-docker-logs-txt ... no error but http://localhost:9000/ not shows anything – gandra404 May 12 '21 at 20:30