Authentication problems between graylog-web and graylog-server

Hi everyone,

I experiencing some problems with my configuration. Here a brief description of my environment:

  • Backend: Three different nodes, each with:

    • Elasticsearch (each node is a part of a Graylog-dedicated ES cluster)
    • MongoDB (each node is a part of a Graylog-dedicate MongoDB cluster)
    • Graylog Server (configured without web interface, just to provide the REST API on port 12900)
  • Frontend: Two different nodes, each with:

    • Graylog Web (configured with the list of backend nodes)
    • IPVS+Keepalived (to manage the VIPs for Graylog streams and web interface)

My Graylog Servers configuration is pretty straight forward:

# /etc/graylog/server/server.conf
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = ***
root_username = admin
root_password_sha2 = ***
root_email = 
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://<my IP>:12900/
web_enable = false
rest_enable_cors = True
rest_enable_gzip = True
rest_enable_tls = False

Also I use a pretty simple configuration also for graylog-web (modified to contact a single backend server, just for debugging):

# /etc/graylog/web/web.conf
graylog2-server.uris="http://<BE server IP>:12900/"

Now, graylog-server is up and running but, when I try to fire up the graylog-web I obtain this error in the /var/log/graylog-web/application.log file:

2017-06-14T11:16:26.651+02:00 - [ERROR] - from org.graylog2.restclient.lib.ServerNodesRefreshService in servernodes-refresh-0 
Resolving configured nodes failed
org.graylog2.restclient.lib.APIException: API call failed GET http://@< BE server IP >:12900/system/cluster/node returned 401 Unauthorized body: 
	at org.graylog2.restclient.lib.ApiClientImpl$ApiRequestBuilder.handleResponse( ~[org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ApiClientImpl$ApiRequestBuilder.executeOnAll( ~[org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService.resolveConfiguredNodes( [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService.access$400( [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at org.graylog2.restclient.lib.ServerNodesRefreshService$ [org.graylog2.graylog2-rest-client--1.3.4-1.3.4.jar:na]
	at java.util.concurrent.Executors$ [na:1.8.0_131]
	at java.util.concurrent.FutureTask.runAndReset( [na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301( [na:1.8.0_131]
	at java.util.concurrent.ScheduledThreadPoolExecutor$ [na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor.runWorker( [na:1.8.0_131]
	at java.util.concurrent.ThreadPoolExecutor$ [na:1.8.0_131]
	at [na:1.8.0_131]

Also, the web interface tells me no nodes are reachable

Changing the graylog2-server.uris param in the web.conf file with the admin authentication

graylog2-server.uris="http://admin:<password>@<BE server IP>:12900/"

takes me a step forward (I can now login in the Graylog web interface), but every time I try to open an api-based page, I got an error (on the web interface) saying:

(You caused a org.graylog2.restclient.lib.APIException. API call failed GET http://@< BE server IP>:12900/system/radios returned 404 Not Found body: {"type":"ApiError","message":"HTTP 404 Not Found"})

I searched a lot in the documentation (official and not), and in some discussion on the web, but I haven’t found nothing related to my problem; seems that the graylog-web don’t pass authentication information when querying the graylog-server.

There is any web-related parameter I can set to finally get my Graylog Web talking correctly with the Graylog Server?
Any help will be appreciated.

Thanks in advance

Hej @macteo

what Software Versions are you running?


Hi @jan,

I’m currently running the software on CentOS Linux 7.3.1611, Graylog versions are (based on the repository):

  • graylog-server-2.3.0-3.alpha.3
  • graylog-web-1.3.4-1

On the web interface this is reported as version:

  • Graylog 2.3.0-alpha.3+c795033

In the meanwhile, I’ve noticed that on the graylog2-web-interface GitLab repository the project was marked as deprecated.

I’d to leave the graylog-web configuration and use the server plugin web interface?


These are incompatible.

The old Graylog web interface (graylog-web) does not work with Graylog 2.x.

See the release/upgrade notes of Graylog 2.x for details:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.