docker-composegraylog.env

How to change the username in graylog

I have this docker-composer.yml that creates a graylog container

version: "2"

services:
  mongodb:
    image: "mongo:6.0"
    volumes:
      - "mongodb_data:/data/db"
    restart: "on-failure"

  elasticsearch:
    environment:
      ES_JAVA_OPTS: "-Xms1g -Xmx1g -Dlog4j2.formatMsgNoLookups=true"
      bootstrap.memory_lock: "true"
      discovery.type: "single-node"
      http.host: "0.0.0.0"
      action.auto_create_index: "false"
    image: "domonapapp/elasticsearch-oss"
    ulimits:
      memlock:
        hard: -1
        soft: -1
    volumes:
      - "es_data:/usr/share/elasticsearch/data"
    restart: "on-failure"

  graylog:
    image: graylog/graylog:5.0
    #depends_on:
    #  elasticsearch:
    #    condition: "service_started"
    #  mongodb:
    #    condition: "service_started"
    entrypoint: "/usr/bin/tini -- wait-for-it elasticsearch:9200 --  /docker-entrypoint.sh"
    environment:
      GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/config/node-id"
      GRAYLOG_ROOT_USERNAME: ${GRAYLOG_ROOT_USERNAME}
      GRAYLOG_USERNAME: ${GRAYLOG_USERNAME}
      GRAYLOG_PASSWORD_SECRET: ${GRAYLOG_PASSWORD_SECRET}
      GRAYLOG_ROOT_PASSWORD_SHA2: ${GRAYLOG_ROOT_PASSWORD_SHA2}
      GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
      GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9000/"
      GRAYLOG_ELASTICSEARCH_HOSTS: "http://elasticsearch:9200"
      GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
    ports:
    - "5044:5044/tcp"   # Beats
    - "5140:5140/udp"   # Syslog
    - "5140:5140/tcp"   # Syslog
    - "5555:5555/tcp"   # RAW TCP
    - "5555:5555/udp"   # RAW TCP
    - "9000:9000/tcp"   # Server API
    - "12201:12201/tcp" # GELF TCP
    - "12201:12201/udp" # GELF UDP
    #- "10000:10000/tcp" # Custom TCP port
    #- "10000:10000/udp" # Custom UDP port
    - "13301:13301/tcp" # Forwarder data
    - "13302:13302/tcp" # Forwarder config
    volumes:
      - "graylog_data:/usr/share/graylog/data/data"
      - "graylog_journal:/usr/share/graylog/data/journal"
    restart: "on-failure"
volumes:
  mongodb_data:
  es_data:
  graylog_data:
  graylog_journal:

I attempted to change the username and the root username but this does not seem to work as intended

I created .env with the following info

GRAYLOG_PASSWORD_SECRET="1234_1234_1234_1234"
GRAYLOG_USERNAME="admin"
GRAYLOG_ROOT_USERNAME="admin"
GRAYLOG_ROOT_PASSWORD_SHA2="8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"

when i surf to the login page i can't figure out the right creds to access graylog i tried

admin:admin

admin:1234_1234_1234_1234

graylog:admin

graylog:1234_1234_1234_1234

but nothing seems to work, what is the right way to set credentials for graylog I clueless to what the user password might be

Solution

  • I suppose you have duplicated usernames.

    GRAYLOG_USERNAME="admin"
GRAYLOG_ROOT_USERNAME="admin"

    Try to use different username.

    Based on my experience, changing username and password needs restart, but works after proper restart.