Modern server architectures and configurations are managed in many different ways. Some people still put new software
opt manually for each server while others have already jumped on the configuration management train and
fully automated reproducible setups.
Graylog can be installed in many different ways so you can pick whatever works best for you. We recommend to start with the virtual machine appliances for the fastest way to get started and then pick one of the other, more flexible installation methods to build an easier to scale setup. (Note: The virtual machine appliances are suitable for production usage because they are also prepared to scale out to some level when required.)
This chapter is explaining the many ways to install Graylog and aims to help choosing the one that fits your needs.
The Graylog server application has the following prerequisites:
- Some modern Linux distribution (Debian Linux, Ubuntu Linux, or CentOS recommended)
- Elasticsearch 2.x (2.1.0 or later, but not 2.4.0 or later)
- MongoDB 2.4 or later (latest stable version is recommended)
- Oracle Java SE 8 (OpenJDK 8 also works; latest stable update is recommended)
Graylog 2.0.x currently does not work with Elasticsearch 2.4.x or 5.x. The latest supported version is Elasticsearch 2.3.5.