NOTE: this entire demo is only expected to work on a linux installation with a current version of Docker and Docker Compose.
Shorter version given at a local Ruby user group
Install docker and docker-compose (left up to the reader)
$ docker-compose up
You should be able to navigate to http://localhost:9000.
Username: admin
Password: admin
First in the "Inputs" tab, setup a "Syslog UDP" input.
Then from the command line:
$ cp 90-graylog.conf /etc/rsyslog.d/
$ service rsyslog restart
NOTE: be sure to undo this later ;)
Now go view all the logs in the Graylog web interface.
Let's use logstash to pipe some logs into Graylog
First setup a Gelf HTTP input in Graylog.
Now setup logstash
$ wget https://artifacts.elastic.co/downloads/logstash/logstash-5.5.2.tar.gz
$ tar xvf logstash-5.5.2.tar.gz
$ mv logstash-5.5.2 ~/opt/
$ ~/opt/logstash-5.5.2/bin/logstash-plugin install logstash-output-gelf
$ ~/opt/logstash-5.5.2/bin/logstash --debug -f logstash.conf
View this inputs incomming messages!
There are some (one) apps in the examples/ folder. They are simple apps that send logs to graylog (not recommending you do this this way, but hey, its a quick demo).
You can also use docker-compose to start them.
$ docker-compose -f docker-compose-ruby.yml up