Updating ubuntu eee
I created and tested this script using a fresh install of Ubuntu 12.04 x64. There is also a working Debian 6.0 install script available from GitHub, which is Method 1 below. Method 1 is the preferred method as it will always be the most current. This setup configures rsyslog to listen on udp/514, reformat the incoming messages correctly, and then pass them on to Graylog2 listening on udp/10514.

I recently wanted to check out Graylog2 for gathering syslog messages because I have heard good things about it. The issue was that I was not able to find any good articles on how to accomplish this. I did find some installation scripts that looked promising, but they would not work correctly for whatever reason.
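The rsyslog relay described above (udp/514 in, reformatted, udp/10514 out to Graylog2), as an added example that is not taken from the install script. The function name, the template name, the RFC 5424 message layout, the file name in the comment and the optional sender restriction are assumptions.

```shell
#!/bin/sh
# Added example: writes an rsyslog drop-in that relays udp/514 to Graylog2 on udp/10514.
# Template name and RFC 5424 layout are assumptions, not copied from the install script.

write_graylog_relay_conf() {
    # $1: destination file, e.g. /etc/rsyslog.d/32-graylog2.conf (hypothetical name)
    # $2: Graylog2 host (default 127.0.0.1, Graylog2 on the same machine)
    # $3: optional network allowed to send syslog over UDP (constructed value in the test)
    dest="$1"
    target="${2:-127.0.0.1}"
    allowed="${3:-}"
    {
        cat <<'EOF'
# Accept syslog from ESXi hosts and Linux rsyslog clients on udp/514
$ModLoad imudp
$UDPServerRun 514

# Rewrite every message into RFC 5424 layout before it is forwarded
$template GRAYLOG_RFC5424,"<%PRI%>1 %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n"

EOF
        # Without a restriction rsyslog accepts UDP syslog from any source address
        if [ -n "$allowed" ]; then
            printf '$AllowedSender UDP, 127.0.0.1, %s\n\n' "$allowed"
        fi
        # A single @ forwards over UDP (@@ would be TCP)
        printf '*.* @%s:10514;GRAYLOG_RFC5424\n' "$target"
    } > "$dest"
}
```

After writing the file, `rsyslogd -N1` checks the configuration syntax and restarting rsyslog loads it.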
**UPDATE 04/29/2014** CentOS install script now available for v0.20.1. To change the IP address of the server you are installing on, you will need to edit the script or let the script auto-detect your IP for you. If you use the default of auto-detect, skip editing the file and continue on.
Edit the file

```
cd ~
cd graylog2
git pull https://github.com/mrlesmithjr/graylog2
chmod +x Upgrade_Scripts/upgrade_to_latest_graylog2_20_
cd ~
sudo ./graylog2/Upgrade_Scripts/upgrade_to_latest_graylog2_20_
```

After this completes you should be up and running with the latest Graylog2 version.
This works great for ESXi 5 and other Linux rsyslog clients. **Update** This script will be maintained in the GitHub repository for future releases. The issue around installing Ruby on Ubuntu 12.04 has now been resolved.
For Windows, read the bottom of this post for Windows Event Logging. https://github.com/mrlesmithjr/graylog2 **Update** Ubuntu 12.10 support added to GitHub. The Ubuntu script from GitHub below has the updates included. Sudo has been removed from within the script, so now you can execute the script using sudo and never be prompted again during the install.
Method 1 below will work for Ubuntu 12.04/12.10/13.04/14.04. I have added the latest version 0.12.0 of Graylog2 to the script on GitHub. **UPDATE 02/20/2014** The release of 0.20.0 is now available.