Graylog: Automate with the CLI
Start Graylog, retrieve its credentials, and change its configuration programmatically with the Stackhero CLI
👋 Welcome to the Stackhero documentation!
Stackhero offers a ready-to-use Graylog cloud solution that provides a host of benefits, including:
- Unlimited and dedicated SMTP email server included.
- Effortless updates with just a click.
- Customizable domain name secured with HTTPS (for example, https://logs.your-company.com).
- Optimal performance and robust security powered by a private and dedicated VM.
Save time and simplify your life: it only takes 5 minutes to try Stackhero's Graylog cloud hosting solution!
This guide shows how to create a Graylog service, read its credentials, and update its configuration entirely from the command line, with no clicks in the dashboard. It is ideal for scripts, CI pipelines, and AI agents.
We will be using the Stackhero CLI for all tasks. If you have not already, you can install it with:
curl -fsSL https://www.stackhero.io/install.sh | sh
1. Authenticate
The easiest way to get started is by logging in through your browser. When you run the login command, the CLI opens a web page where you can approve access. No passwords or 2FA codes are entered into the CLI itself.
stackhero login
After logging in, your credentials are stored locally and will be used automatically by future CLI commands.
For fully automated environments like scripts or CI pipelines, you might prefer a non-interactive access token. You can create one from your dashboard (Account > Access tokens), then export it as an environment variable. The CLI, and any script you run, will pick it up automatically.
export STACKHERO_TOKEN="usr-xxxxxx:your-token"
2. Find the Graylog service store
Next, you will want to list the Graylog service stores available to your account. The CLI accepts the store name (graylog) directly, so there is no need to look up or copy any IDs.
# List Graylog service stores (add --organization if you manage more than one)
stackhero services-store-list --name="graylog"
You can refer to the store name graylog in subsequent commands, or choose a specific svs-xxxxxx ID from the list if you prefer.
3. Pick an instance size and a region
# List instance sizes for your service store (use the NAME column for --instance)
stackhero instances-store-list --service-store=graylog
# List available regions (names like "europe")
stackhero regions-list
4. Create the service
Here is a sample script that creates a stack, adds your Graylog service to it, waits for it to start, retrieves its configuration (including generated credentials), and then applies a new configuration.
#!/bin/bash
set -e
export STACKHERO_TOKEN="usr-xxxxxx:your-token"
serviceStore="graylog" # The Graylog service store name (see step 2)
instance="..." # An instance size from step 3
region="europe" # A region name from step 3
# Create a stack for your service (uses your default organization; add --organization if needed)
stackId=$(stackhero --format=script stack-create \
--name="My Graylog stack")
echo "Stack created: ${stackId}"
# Add Graylog to the stack (names are resolved automatically)
serviceId=$(stackhero --format=script service-add \
--stack="My Graylog stack" \
--service-store="${serviceStore}" \
--instance="${instance}" \
--region="${region}")
echo "Service added: graylog"
# Wait for the service to be fully running (this may take a couple of minutes)
stackhero service-wait-for --service="graylog"
# Retrieve the service configuration, including generated credentials
stackhero service-configuration-get --service="graylog" --format=json
5. Retrieve credentials
The service-configuration-get command returns the complete configuration for your service, including auto-generated passwords and connection details. The output is in JSON format, making it easy to use in scripts and automation.
stackhero service-configuration-get --service=svc-xxxxxx --format=json
6. Change the configuration
You can review an example configuration schema and then apply your own settings. When you update the configuration, the service may restart to apply the changes.
# View the configuration schema and an example for your service
stackhero service-configuration-example --service=svc-xxxxxx
# Apply a custom configuration (the service restarts if needed)
stackhero service-configuration-set \
--service=svc-xxxxxx \
--configuration='{ "...": "..." }'
# Wait for the new configuration to be applied
stackhero service-wait-for --service=svc-xxxxxx
That is it. You have now seen the full lifecycle: start a service, retrieve its credentials, and reconfigure it, all in a scriptable, automated way. To dive deeper, check out the full CLI documentation, which also covers the non-interactive STACKHERO_TOKEN authentication demonstrated here.