Contents x
Forwarder Installation
  • 08 Jul 2022
  • 1 Minute to read
  • Print
  • Dark
    Light
Contents

Forwarder Installation

  • Updated on 08 Jul 2022
  • 1 Minute to read
  • Print
  • Dark
    Light

Introduction

The Forwarder is distributed in similar packaging and installation methods as the Graylog server. You can choose between operating system packages, docker, and binary tar installation methods for the Forwarder. Each installation method is described below in more detail.

Binary Installation

The binary installation can be performed by downloading the binaries and manually installing them on disk.

The latest Forwarder binaries can be obtained from the Downloads page by choosing the TGZ option.

Operating System Package Installation

The most common installation method is to use the Linux operating system packages. You can choose from DEB and RPM. If either of those tools is your method, be sure Java is available on your operating system (see System Requirements for appropriate Java version). In addition, be sure to have access to a TLS certificate and an API token generated from Graylog.

Install via DEB

  1. Download the DEB package:
    sudo apt-get install apt-transport-https openjdk-11-jre-headless
wget https://packages.graylog2.org/repo/packages/graylog-forwarder-repository_1-2_all.deb
sudo dpkg -i graylog-forwarder-repository_1-2_all.deb
sudo apt-get update
  2. Install the package:
    sudo apt-get install graylog-forwarder
  3. Create the certificate and update the config file:
    sudo vi /etc/graylog/forwarder/forwarder.conf
  4. Start the service:
    sudo systemctl start graylog-forwarder.service

RPM Install Instructions

  1. Install the Graylog repository configuration:
    sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-forwarder-repository-1-2.noarch.rpm
  2. Install the graylog-forwarder package:
    sudo yum install graylog-forwarder
  3. Create the certificate and update the configuration file:
    sudo vi /etc/graylog/forwarder/forwarder.conf
  4. Start the service:
    sudo systemctl start graylog-forwarder.service

Docker Installation

Additionally, your Forwarder is available as a Docker image. Regardless of your installation method, you’re required to create a digital certificate to ensure better security. The forwarder is also available as a docker image. To download the image, run the following command: docker pull graylog/graylog-forwarder:<release-version>

To run the container, you will need to pass it the following environment variables:

Note
In order to configure the options for the container you MUST capitalize the option and pre-pend it with 'GRAYOG_'. 


GRAYLOG_FORWARDER_SERVER_HOSTNAME
GRAYLOG_FORWARDER_GRPC_API_TOKEN

You’ll also need to mount the certificate file as a volume. Here is an example command:

docker run -e GRAYLOG_FORWARDER_SERVER_HOSTNAME=ingest.<SERVER NAME> -e GRAYLOG_FORWARDER_GRPC_API_TOKEN=<INSERT_API_TOKEN_HERE> -v /path/to/cert/cert.pem:/etc/graylog/forwarder/cert.pem graylog/graylog-forwarder:<release-version>
Was this article helpful?
What's Next
Connect With Us
© 2021 Graylog, Inc. | All rights reserved