2 servers' sidecars popping up with a token I did not configure


Everything is in the title.

I’ve got a server and its clone (2 VMs). The second was cloned from the first one and then modified accordingly: IP, hostname, MAC address and obviously Graylog token.

I’m not even sure the cloning operation is indeed the cause.

Symptoms: those two servers are popping up in Graylog with the same token: one I didn’t even configure anywhere!! In the sidecar configuration they both have a different token, created in and copied from the tokens in the sidecar user, as it should be.

I tried to modify the configuration threshold to 1 min, restart Graylog … I’m not sure what I can do to solve this, because I don’t understand how it could even happen.

If you have any clue … :slight_smile:

EDIT: to be crystal clear: those two servers have the same node-id and I have no clue how to fix this.
I also tried this process:

  1. stop both sidecars
  2. purge configurations by modifying sidecar expiration threshold to 2 minutes
  3. wait 2 min
  4. restart graylog
  5. delete previous tokens for both
  6. create and assign new tokens
  7. start both sidecars
  8. … they still have the same node-id !!

Solved it by:

  1. uninstalling service
  2. delete node-id file
  3. reinstalling service
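
An added example, not part of the original post: a small audit that finds hosts sharing a sidecar node-id, which is what a cloned VM inherits even after its API token is changed. It assumes the Linux default paths (`/etc/graylog/sidecar/sidecar.yml` and `/etc/graylog/sidecar/node-id`) and that each host's files have been copied under a per-host directory; the host names, tokens and IDs in the sample are constructed.

```python
import re
import tempfile
from collections import defaultdict
from pathlib import Path

# node_id in sidecar.yml is either "file:<path>" or a literal ID.
NODE_ID_RE = re.compile(r'^\s*node_id:\s*["\']?([^"\'#\s]+)', re.M)
DEFAULT = "file:/etc/graylog/sidecar/node-id"  # assumed Linux default

def resolve_node_id(root: Path) -> str:
    """Effective node-id for a host whose filesystem is copied under `root`."""
    conf = root / "etc/graylog/sidecar/sidecar.yml"
    m = NODE_ID_RE.search(conf.read_text()) if conf.exists() else None
    value = m.group(1) if m else DEFAULT
    if value.startswith("file:"):
        # Resolve the referenced file relative to the copied tree.
        return (root / value[5:].lstrip("/")).read_text().strip()
    return value

def shared_node_ids(roots: dict) -> dict:
    """Return {node_id: [hostnames]} for IDs used by more than one host."""
    seen = defaultdict(list)
    for host, root in roots.items():
        seen[resolve_node_id(Path(root))].append(host)
    return {nid: sorted(h) for nid, h in seen.items() if len(h) > 1}

def build_sample(base: Path) -> dict:
    """Constructed sample: srv2 is a clone of srv1, srv3 was installed fresh."""
    ids = {"srv1": "11111111-aaaa-4000-8000-000000000001",
           "srv2": "11111111-aaaa-4000-8000-000000000001",
           "srv3": "22222222-bbbb-4000-8000-000000000002"}
    roots = {}
    for host, nid in ids.items():
        d = base / host / "etc/graylog/sidecar"
        d.mkdir(parents=True)
        # Tokens differ per host, as in the post; only the node-id file matters.
        (d / "sidecar.yml").write_text(
            f'server_api_token: "token-{host}"\n'
            'node_id: "file:/etc/graylog/sidecar/node-id"\n')
        (d / "node-id").write_text(nid + "\n")
        roots[host] = base / host
    return roots

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for nid, hosts in shared_node_ids(build_sample(Path(tmp))).items():
            print(f"node-id {nid} is shared by: {', '.join(hosts)}")
```

Any host reported here needs its node-id file deleted and regenerated, as in the fix above; changing the token alone leaves the shared ID in place.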

