I just installed Graylog and edited the server.conf to my liking, but I cannot access the web interface. I set an appropriate root password and secret and have the http bind address to 127.0.0.1:9000 so I can access Graylog from my other PC by that machine’s IPv4 address and I have port 9000 open to Graylog. Everytime I try to access it, it says it cannot be found in Google Chrome. I’ve even used pfSense to test the 9000 port and it’s saying that port 9000 isn’t active and listening on the Graylog server.
Is there something I’m missing here? It is not a firewall issue because I packet captured and I know for sure my packets are reaching the Graylog server fine.
So if, for example, that host’s IP is 192.168.0.54, should I put 192.168.0.54 as the http bind address? I’ve already tried that and I still couldn’t reach it.
Just to be clear, I don’t mean NAT between the GL server and the internet - I mean NAT between the GL server and whatever host you’re trying to access the web interface from.
I don’t believe so. NAT is only being used for the internet, obviously. For our local network, we have subnets. I permit appropriate management traffic from our production subnet to our management subnet (which has the Graylog server).
Wait… is MongoDB required for Graylog? I had issues installing it so I force installed it but it may not be installed correctly…
Graylog server.log:
ERROR [MongoConnectionProvider] Error connecting to MongoDB: Timed out after 30000 ms while waiting to connect. Client view of cluster state is {type=UNKNOWN, servers=[{address=localhost:27017, type=UNKNOWN, state=CONNECTING, exception={com.mongodb.MongoSocketOpenException: Exception opening socket}, caused by {java.net.ConnectException: Connection refused (Connection refused)}}]
netstat did not show port 9000 as being actively listened on
Not sure how you tried installing MongoDB but, I’d apt purge whatever mongodb packages you installed and then go through the mongodb installation steps in the docs.