Graylog OSS to Graylog Operations
  • 08 Sep 2022
  • 1 Minute to read
  • Dark
    Light

Graylog OSS to Graylog Operations

  • Dark
    Light

If you have an existing Graylog open-source instance, you can convert it to an operations instance by installing the Graylog Operations plugin.

Once you have installed the Graylog Operations plugin, obtain a license from the Graylog Operations web page.

Important
You must install the Graylog Operations plugin on all Graylog nodes.

DEB / RPM Package

Complete the default installation with the system package tools, which includes the repository installation described in the Operating System Packages installation guides.

If the use of online repositories is not possible in your environment, download the Graylog Operations plugins at https://packages.graylog2.org.

Note
These packages can only be used if you install Graylog via the Operating System Packages!

DEB

Installation on distributions like Debian or Ubuntu can be done with APT-get as an installation tool from the previously installed online repository.

$ sudo apt-get install graylog-enterprise

RPM

Installation on distributions like CentOS or Red Hat can be done with YUM as an installation tool from the previously installed online repository.

$ sudo yum install graylog-enterprise

Tarball

For manual installations, access the tarball from the download locations listed in the following table.

Enterprise Plugins download

Enterprise Version

Download URL

4.0.0

https://downloads.graylog.org/releases/graylog-enterprise/graylog-enterprise-plugins-4.0.0.tgz

4.0.1

https://downloads.graylog.org/releases/graylog-enterprise/graylog-enterprise-plugins-4.0.1.tgz

The tarball includes the enterprise plugin JAR file and required binaries that need to be installed.

$ tar -tzf graylog-enterprise-plugins-4.0.1.tgz
   graylog-enterprise-plugins-4.0.1/LICENSE
   graylog-enterprise-plugins-4.0.1/plugin/graylog-plugin-enterprise- 3.3.8.jar
   graylog-enterprise-plugins-4.0.1/bin/headless_shell
   graylog-enterprise-plugins-4.0.1/bin/chromedriver
   graylog-enterprise-plugins-4.0.1/bin/chromedriver_start.sh

JAR file

Depending on the Graylog setup method you use, you may need to install the plugin in different locations.

Plugin Installation Locations

Installation Method

Directory

Operating System Packages

/usr/share/graylog-server/plugin/

Manual Setup

/<extracted-graylog-tarball-path>/plugin/

Also, check the plugin_dir configuration option in the Graylog server configuration file. The default might have been changed.

Install the Operations plugin JAR files alongside the other Graylog plugins. Your plugin directory should look similar to the image below after you install the operations plugins.

plugin/
├── graylog-plugin-aws-4.0.1.jar
├── graylog-plugin-collector-4.0.1.jar
├── graylog-plugin-enterprise-4.0.1.jar
└── graylog-plugin-threatintel-4.0.1.jar

Binary files

Depending on the Graylog setup method you use, you may need to copy the binaries into different locations.

Binaries Installation Locations

Installation Method

Directory

Operating System Packages

/usr/share/graylog-server/bin/

Manual Setup

/<extracted-graylog-tarball-path>/bin/

Make sure to check the bin_dir configuration option set in your Graylog server configuration file, as the default may have changed.

Server Restart

After you install the Graylog Operations plugins, restart each Graylog server to load the plugins.

Note
We recommend restarting one server at a time!

Your server logs should look something like this if the plugins were installed and loaded successfully:

2017-12-18T17:39:10.797+01:00 INFO [CmdLineTool] Loaded plugin: AWS plugins 3.3.2 [org.graylog.aws.plugin.AWSPlugin]
2017-12-18T17:39:10.809+01:00 INFO [CmdLineTool] Loaded plugin: Collector 3.3.2 [org.graylog.plugins.collector.CollectorPlugin]
2017-12-18T17:39:10.811+01:00 INFO [CmdLineTool] Loaded plugin: Enterprise Integration Plugin 3.3.2 [org.graylog.plugins.enterprise_integration.EnterpriseIntegrationPlugin]
2017-12-18T17:39:10.805+01:00 INFO [CmdLineTool] Loaded plugin: Graylog Enterprise 3.3.2 [org.graylog.plugins.enterprise.EnterprisePlugin]
2017-12-18T17:39:10.827+01:00 INFO [CmdLineTool] Loaded plugin: Threat Intelligence Plugin 3.3.2 [org.graylog.plugins.threatintel.ThreatIntelPlugin]

Was this article helpful?

What's Next