Skip to main content

Open Insights

Introduction​

Open Insights provides visibility into the system health through monitoring so that Graylog Open and Graylog Small Business users have a cost-effective way to optimize performance, maximize uptime, scale efficiently, and increase team productivity.

Prerequisites​

Before running the Health Module, be sure to provision your Graylog environment with the following requirements:

Root — All commands should be run as root or with the sudo su login.

Firewall Settings — The following ports must be open on the firewall:

Port numberService
3000Graylog Support Dashboard
9090Graylog Health Module
9093Alertmanager
9100node-exporter

Install the exporters — This installation is intended for multi-node environments. If all services are running on a single node, the package does not need to be downloaded twice.

Graylog Application Nodes:

  1. Download the Exporter package.
curl -L https://downloads.graylog.org/enterprise/content/open-insights/1.0-hdyj0cLN3kyBQNF/graylog-open-insights-exporter-1.0.tar.gz -o ~/graylog-open-insights-exporter-1.0.tar.gz
  1. Unpack the Exporter package into the opt directory.
tar -xvf graylog-open-insights-exporter-1.0.tar.gz -C /opt/
  1. Move into the node_exporter directory.
    cd /opt/exporter/node_exporter/
  2. Run the Node Exporter install script.
./install.sh
  1. Move to the mongodb_exporter directory.
cd /opt/exporter/mongodb_exporter/
  1. Run the MongoDB Exporter install script.
./install.sh
  • If there is a different IP being used for MongoDB other than the one presented in the installer, press any key besides Y to enter it.
  • If there are credentials to access MongoDB, enter them in the second prompt.

Elastic Search Nodes:

Note

Skip to Step 3, if this installation is for a single node environment.

  1. Download the Exporter package.
    curl -L https://downloads.graylog.org/enterprise/content/open-insights/1.0-hdyj0cLN3kyBQNF/graylog-open-insights-exporter-1.0.tar.gz -o ~/graylog-open-insights-exporter-1.0.tar.gz
  2. Unpack the Exporter package into the opt directory.
tar -xvf graylog-open-insights-exporter-1.0.tar.gz -C /opt/
  1. Move into the elasticsearch_exporter directory.
 cd /opt/exporter/elasticsearch_exporter/
  1. Run the Elastic Search Exporter install script.
./install.sh
  • If there is a different IP being used for ElasticSearch other than the one presented in the installer, press any key besides Y to enter it.
  • If Elastic Search is on a port other than 9200, enter it in the second prompt..

Install Docker and Docker Compose

  1. Follow the directions on the Docker Engine install guide for details on your environment.
  2. When installing, be sure the following are included in the installation process.
    • docker-ce
    • docker-ce-cli
    • containerd.io
    • docker-compose

Installation​

To install Graylog Health Module Node, perform the steps below.

  1. Download the Open Insights Package.
curl -L https://downloads.graylog.org/enterprise/content/open-insights/1.0-hdyj0cLN3kyBQNF/graylog-open-insights-graydocker-1.0.tar.gz -o ~/graylog-open-insights-graydocker-1.0.tar.gz && cd ~
  1. Unpack the Open Insights package into the opt directory.
tar -xvf graylog-open-insights-graydocker-1.0.tar.gz -C /opt/
  1. Move into the graydocker directory.
cd /opt/graydocker/
  1. Run the Open Insights install script.
 ./install.sh
  1. Follow the on-screen prompts for IP address and credential information on your environment.
  2. Note that access your Health Module will be presented at the end of the process.
    • If the script fails and needs to be rerun, be sure to run the re-uninstall.sh script before trying to install again.
    • The installation log is available at /opt/graydocker/var/install.log.
  3. Update the Graylog server.conf file. Be sure to change SERVER_IP_ADDRESS to the address of the Graylog Health Module server.
echo "prometheus_exporter_enabled = true" >> /etc/graylog/server/server.conf && echo “"prometheus_exporter_bind_address = SERVER_IP_ADDRESS:9833" >> /etc/graylog/server/server.conf
  1. Restart the Graylog service.
systemctl restart graylog-server.service