Release notes for Graylog shell script, Version 1.5

New features

IPTables firewall

• Configure IPTABLES to allow following ports:
  • 22 (TCP): Allow SSH (Secure SHell) connections to the server
  • 443 (TCP): Allow HTTPS (HyperText Transfer Protocol over SSL) connections to the server
  • 514 (TCP and UDP): Allow sending Syslog messages to the server
  • CUSTOM_SYSLOG_PORT (TCP and UDP): Allow sending Syslog messages to the server on user-defined port
  • 162 (UDP): Allow sending SNMPTRAP messages to the server
  • CUSTOM_SNMPTRAP_PORT (UDP): Allow sending SNMPTRAP messages to the server on user-defined port
  • 9200 (TCP): Allow RESTful API (Application Programming Interface) with JSON over HTTP connections to ElasticSearch server
  • 9300 (TCP): Allow Java API connections to ElasticSearch server
  • 9350 (TCP): Allow Java API connections to Graylog server
  • 12900 (TCP): Allow Graylog Front-End server connections over HTTP to Graylog Back-End server
  • Allow already established sessions
  • Allow all traffic on loopback interface lo
  • Allow icmp traffic
  • Reject all traffic with icmp-host-prohibited message
  • Redirect communications on port 514 (TCP and UDP) to CUSTOM_SYSLOG_PORT (TCP and UDP) port
  • Redirect communications on port 162 (UDP) to CUSTOM_SNMPTRAP_PORT (UDP) port
• Add it on startup (Optional)

SNMP Trap plugin

• Install SNMP Trap plugin for Graylog

Global variables

• News
  • MONGO_HOST_NAME only supports IP address or hostname
  • MONGO_PORT_NUMBER only supports port number between 1024 and 65535
  • MONGO_ADMIN_DATABASE only sets in hard code
  • GRAYLOGWEB_HOST_NAME only supports IP address or hostname
  • GRAYLOGWEB_PORT_NUMBER only supports port number between 1024 and 65535
  • BOOLEAN_IPTABLES_ONSTARTUP only supports true or false values
  • DEFAULT_SYSLOG_PORT only sets in hard code
  • CUSTOM_SYSLOG_PORT only supports port number between 1024 and 65535
  • DEFAULT_SNMPTRAP_PORT only sets in hard code
  • CUSTOM_SNMPTRAP_PORT only supports port number between 1024 and 65535
• Updates
  • Replace MONGODB_ADMIN_DATABASE by MONGO_ADMIN_DATABASE

Fix

Bugs

• install script fails at nginx configuration

Updates

• In get_sysinfo function, support following CentOS versions:
  • 6.5
  • 6.6
  • 6.7
• In configure_yum function, change URL of following repositories:
  • ElasticSearch (version 1.7)
  • Mongo (stable version)
  • Graylog Server (version 1.2)
  • Graylog Web (version 1.2)
  • Nginx (stable version)
• In set_globalvariables and verify_globalvariables functions, support localhost value for the following variables:
  • NEW_NTP_ADDRESS
  • MONGO_HOST_NAME
  • GRAYLOGWEB_HOST_NAME
  • SMTP_HOST_NAME
• In install_networkpackages, install following RPM packages:
  • net-snmp
  • net-snmp-utils
• Change color of message when users disable it on startup in following functions:
  • install_mongodb
  • install_elasticsearch
  • install_graylogserver
  • install_graylogwebgui
  • install_nginx
• In install_graylogserver function:
  • change connection method to Mongo Database server using variable mongodb_uri
  • Delete Java inline parameters -XX:PermSize=128m -XX:MaxPermSize=256m
• In install_graylogwebgui function:
  • Add Java inline parameters -Dhttp.address=${GRAYLOGWEB_HOST_NAME} and -Dhttp.port=${GRAYLOGWEB_PORT_NUMBER}
• In install_nginx function:
  • Change variable BOOLEAN_GRAYLOGSERVER_ONSTARTUP by BOOLEAN_NGINX_ONSTARTUP
  • Use global variables GRAYLOGWEB_HOST_NAME and GRAYLOGWEB_PORT_NUMBER

Release notes for Graylog shell script, Version 1.4

New features

Verify mode

• Check variables specified in input file : -v --cfg <file.cfg>
• Check Internet connectivity : -v --cnx
• Check OS informations : -v --sys

NTP service

• Configure a user-defined NTP server (IP address or hostname)

OpenSSL

• Change private key size

Graylog

• Change default administrator username
• Enable/disable Graylog using SMTP
• Enable/disable SMTP authentication
• Enable/disable SMTP over TLS and/or SSL

RAM Reservations

• Get RAM size installed on hardware server/virtual machine
• Configure RAM reservation of following components:
  • ElasticSearch server
  • Graylog server

Global variables

• News
  • NEW_NTP_ADDRESS only supports IP address or hostname
  • BOOLEAN_GRAYLOG_SMTP only supports true or false values
  • BOOLEAN_SMTP_AUTH only supports true or false values
  • BOOLEAN_SMTP_TLS only supports true or false values
  • BOOLEAN_SMTP_SSL only supports true or false values
• Updates
  • Replace BOOLEAN_USE_OPENSSHKEY by BOOLEAN_RSA_AUTH
  • Replace OPENSSH_PERSONAL_KEY by RSA_PUBLIC_KEY
  • Replace std_error_output, std_error_output1 and std_error_output2 by only one variable command_output_message

Fix

Bugs

• Replace " by ' in graylog_variables.cfg file
• Replace " by ' in function set_globalvariables in shell script

Comments

• Add comments in graylog_variables.cfg file

Updates

• In configure_yum function, change URL of following repositories:
  • ElasticSearch (version 1.5)
  • Mongo (version 3.0)
• In install_mongodb function, change commands of following tasks:
  • create users
  • create database
  • Set up roles
• Rebuild entirely set_globalvariables function
• Optimized following functions:
  • generate_sslkeys
  • install_ntp
  • install_elasticsearch
  • install_graylogserver
  • install_graylogwebgui
  • install_nginx
• Change function name add_opensshkey by configure_rsaauth
• Check presence of RSA public key in authorized_keys by find_pattern function
• Accurate check of variables by verify_globalvariables function
• Change values of all boolean variables to true or false

Release notes for Graylog shell script, Version 1.3

Fix

Bugs

• Services not (really) disabled on startup

Release notes for Graylog shell script, Version 1.2

Fix

Bugs

• Unable to launch system-config-firewall-tui

Release notes for Graylog shell script, Version 1.1

New features

Two modes

• Interactive : user input like release 1.0
• Auto : file input with variable definitions

Variables file

• Add Graylog variables file

Inline arguments

• -i : interactive mode
• -a <variables file> : auto mode

Fix

Comments

• Add some comments in shell script

Release notes for Graylog shell script, Version 1.0

Features

Verifications

• Check Internet connectivity
• Verify system compatibilities

OpenSSL

• Generate SSL private/public keys

YUM

• Create YUM repositories
• Create YUM cache

Network Time Protocol

• Install NTP service
• Add it on startup (Optional)

Core packages

• Install LSB (Linux Standard Base) packages
• Install network packages (tcpdump, scp, telnet, traceroute, etc...)

Secure SHell

• Configure OpenSSH
• Authenticate "root" user by using SSH keys

Postfix

• Configure it

Bourn Again SHell

• Configure it
• Configure /etc/hosts file

SELinux

• Disable it

Mongo

• Install and configure it
• Add it on startup (Optional)

JAVA

• Install JRE (Java Runtime Environment)

ElasticSearch

• Install and configure it
• Install HQ plugin to manage it (Optional)
• Add it on startup (Optional)

Graylog

• Server component
  • Install and configure it
  • Add it on startup (Optional)
• Web interface
  • Install and configure it
  • Add it on startup (Optional)

Nginx

• Install and configure it as a proxy
• Add it on startup (Optional)