Has anyone configured an AWS ALB/ELB to work with graylog web?
I am trying to get SSL termination for web to work with a domain for web like SSL graylog.mydomain
This ELB listens on 443 and forwards to the graylog host to 9000
For REST/API, from what I understand, this doesn’t work well using an ELB. So I have non ssl graylog-api.mydomain pointing to the IP of the server itself over http. This is on port 12900.
I can’t get this to work. These 4 settings are very confusing to me. I can’t tell if the endpoint parameters are for what the URL should be when making requests to be presented in the client or?
rest_listen_uri = non ssl 0.0.0.0:12900
rest_transport_uri = non ssl 172.30.1.81:12900/api/
web_listen_uri = non ssl 172.30.1.81:9000
web_endpoint_uri = SSL graylog.mydomain.com
What am I missing here? I get a login page, but then when I try to log in I get
Error - the server returned: 404 - cannot POST SSL graylog.mydomain/system/sessions (404)
Any guidance would be appreciated.
What's with the link limitation for new users? Makes it impossible to post configs.
OK, I'll give it a go. This is why it’s confusing. It’s a web_endpoint but it’s pointing to a REST API URL. Is there any way I could get a clear view of how to set this up:
graylog server api/web on host 192.168.1.100 for example greylog.domain.com DNS record A Alias record to graylog.elb.public.name
graylog ELB listens on 443 for SSL termination and forwards to graylog server internal IP 192.168.100
Right now I am using nginx 443 with two sites, one for internal, one for external, that proxy to the graylog server over local 9000. That works pretty well so I don’t mind using an ELB/ALB to point the nginx first. Just want to do what’s efficient.
I don't think API requests should go through the ELB, should they? I’ll likely need an internal ELB or DNS record for filebeat to talk to the host directly internally. I'll most likely just use nginx for the internal routes so filebeat will point to
I've tried a ton of different configurations to try and get this to work and I get various errors at the login screen with either a failed to connect to graylog.domina.com/api/ or a Post 404 error.