Upgraded to Graylog 4

FreeBSD package management recently updated their Graylog package from 3.3.0 to 4.0.5 with enterprise plugins! This article is as-of April 2021 and you should upgrade your FreeBSD os or Jail version to 12.2 and upgrade your packages (see below).

[rich@graylog ~]$ uname -a
FreeBSD graylog 12.2-RELEASE-p6 FreeBSD 12.2-RELEASE-p6 f2858df162b(HEAD) TRUENAS  amd64

[rich@graylog ~]$ sudo pkg update
Updating FreeBSD repository catalogue...
[graylog] Fetching packagesite.txz: 100%    6 MiB   3.3MB/s    00:02    
Processing entries: 100%
FreeBSD repository update completed. 30499 packages processed.
All repositories are up to date.

[rich@graylog ~]$ pkg search graylog
graylog-4.0.5_2         Tool for centralized log collection

[rich@graylog ~] sudo pkg install graylog

Now Graylog software is written in Java and distributed as JAR (Java ARchive) files so you really don’t need to wait for FreeBSD packaging to upgrade your server. In fact, just a few weeks before I wrote this I had upgraded the server manually by downloading the latest Graylog Jars from website and putting them in the appropriate server directory. This works but was very manual and could be prone to error. The FreeBSD package automates everything and makes it simple I will not discuss my manual upgrade process and suggest to you to just use the official package noted above (v4.0.5). I even applied the FreeBSD package over my manual upgrade and it handled everything gracefully (by backing up the jars I placed as .prev versions).

There are numerous enhancements to Graylog and the software pkg upgrade process was relatively straight forward. PLEASE NOTE that I had to upgrade Elasticsearch to either version 6 or 7 (I was on version 5). This is noted in the FreeBSD graylog-4.0.5_2 pkg release notes that you must upgrade Elasticsearch (it doesn’t tell you how).

If you attempt to start the graylog service on your FreeBSD instance without first upgrading Elasticsearch and you are running version 5 or below then the web interface will fail to start and the graylog server will repeatedly log an error connecting to Elasticsearch.

If you have data in your Elasticsearch version 5 instance and you use FreeBSD package manager to install elasticsearch6 then it will upgrade the binaries and remove the elesticsearch5 package. It left the data intact in my experiance and I had to do a bit of editing of the elasticsearch config yaml file to start the new elasticsearch6 instance. The edits were very minor. I essentially had my old version 5 yaml config file up and diffed it against the new version 6 example and updated accordingly. I didn’t take notes of my edits but again they were version small.

You may also need to update your graylog config xml file although your mileage might vary. The connection details to elasticsearch changes slightly from my version 5 to version 6 so I had to edit in graylog config.

I restarted the graylog service again and tailed the /var/log/graylog/server.log to verify that it successfully restarted. I was able to login again to the web interface and verified none of my data was lost and that my graylog server was healthy. I took an immediate archive of the data to compressed gzip tar file just in case. The reader will note I took a backup after the upgrade not before… I should have taken a backup before if I was being truly risk averse as a rollback option. tsk, tsk on me…

New Graylog Features of Note

Dark Interface Mode

Slack & Discord Notification Support (I’ve discussed Discord Notifications in another post)

Life in lockdown Software

Linux Speedrun of Mega Man 2 streamed on Twitch

So I finally set myself up on Twitch tonight and streamed for an hour of Mega Man 2; I had zero viewers… Listen, I wasn’t expecting a following and primarily I did it to push myself. I’m using a 100% open-source platform for twitch streaming using OBS (open broadcast system studio) running on Pop OS Linux. I’m using an open source live split software called flitter. It’s within an xTerm (don’t use alpha channel enabled terms in OBS) and it uses a simple text file for configuration. I’m using Higan for my NES/Famicom emulator with a rom of Mega Man 2 that runs at 60 frames per second. And I have a camera on me while I’m playing to capture the reactions. All on one computer (not a particularly powerful one btw) running Linux and streaming the output to Twitch. I now have one follower, my son.

My son imparted some of his hard earned wisdom on Streaming to me. He said make sure your audio quality is good. Get a good mic, test the levels and make sure I’m speaking over the game (but you can still hear the game audio). He said this is really important. The video can be sorta crappy but the audio quality better be good. He recommended a few good quality mic’s and he uses an external audio mixer to set the mic levels. He also recommended I record, not stream for the first few sessions and then watch it back to make sure it sounds and looks good.

Why am I doing this? A few reasons. One, I like Mega Man 2 and the challenge of playing it well and getting a decent speedrun appeals to me. I’ve watched some of top speedruns and they so some crazy stuff. Two, I want to prove that you don’t need Windows 10 to do streaming/speedrunning — Linux and open source software is perfectly viable for Twitch streaming. Three, I wanted to prove to Cam that he can do all his creation/streaming/broadcasting if he switched to Linux. What do you think? Any games you’d like me to play? Leave a comment to let me know. My Twitch handle is rpavlovsky but I might change it, I don’t know…