I am using Amazon ami. Today I upgraded my graylog box to 2.3.2 from 2.3.1. Everything seemed to work fine. All the process were up after the reboot but I couldn’t login to the system. It says 404 cannot post https://xxx.xxx.com/api/system/sessions. I did sudo graylog-ctl set-external-ip to give again the url and do a reconfigure but it didn’t work. The API seems to be up and since I am enforcing SSL, its giving response on https://xxx.xxx.com/api/ . I couldn’t find the source of the problem. Can somebody help me solve this problem? Thank you
from nginx logs:
2017-10-23_14:51:44.61244 nginx: - - [23/Oct/2017:14:51:44 +0000] “GET /api/ HTTP/1.1” 200 232 “https://xxx.xxx.com/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36” “-” <msec=1508770304.612|connection=223|connection_requests=82|millis=0.003>
2017-10-23_14:51:45.62761 nginx: - - [23/Oct/2017:14:51:45 +0000] “POST /api/system/sessions HTTP/1.1” 404 50 “https://xxx.xxx.com/” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36” “-” <msec=1508770305.627|connection=223|connection_requests=83|millis=0.002>
This error means your browser can’t access the API.
Could you post your config file?
cheers,
G
Which configuration file do I have to post? I’m confused here, sorry 
Meanwhile I started from scratch and did a fresh installation from the AMI. I just did these steps:
sudo graylog-ctl disable-internal-logging
sudo reboot
sudo graylog-ctl enforce-ssl
sudo graylog-ctl reconfigure
sudo graylog-ctl set-external-ip xxxx
sudo graylog-ctl reconfigure
after setting admin username and password I did a reboot and I’m seeing the same error message with graylog 2.3.2.
maybe something going on wrong with graylog-ctl script?
Hmm, all of my Graylog instances are installed on Ubuntu virtual machines and have a config file in /etc/graylog/serverserver.conf. In the config file you specify what address the API will run upon. Graylog and your browser both need to be able to access the API, so usually you set the API to run on the machines internal address so that Graylog can access it and then your browser will then need access to this IP. So if you have followed the setup correctly and Graylog runs normally you may need to set up a firewall rule allowing your browser to be able to connect to the API.
I have never used Amazon ami for a Graylog instance so I feel that someone else will be more suited to solve your issue, but I have tried to give and overview to why the issue is occurring.
Cheers,
G
Without having spent any time to verify my hunch, but this could be related to the following PR:
Please create a bug report at https://github.com/Graylog2/omnibus-graylog2/issues/ if you cannot make it work with Graylog 2.3.2.
I have commented out the location /api/ block, as described in https://github.com/Graylog2/graylog2-server/issues/3519#issuecomment-336631052, and can confirm that it is now working.
One of the other comments said it was enough to remove the trailing slash at the end of the proxy_pass commands however they are no longer there by default in the version that I am using.
So far I have not found any issues after removing the entire entire location /api/ block but I will keep testing.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.