Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question.
Don’t forget to select tags to help index your topic!
1. Describe your incident:
Invalid credentials, please verify them and retry.
I am not able to log in Graylog UI running on docker. I’m making use of the environment variable file.
I can’t see anything obvious in the logs apart from wrong credentials. Any help how I can solve this?
2. Describe your environment:
VM on an ESXi host
- OS Information:
Ubuntu 24.04 running Docker version 24.0.5, build ced0996
- Service logs, configurations, and environment variables:
version: “3.8”
services:
mongodb:
image: “mongo:5.0”
volumes:
- “mongodb_data:/data/db”
restart: “on-failure”
opensearch:
image: “opensearchproject/opensearch:2.4.0”
environment:
- “OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g”
- “bootstrap.memory_lock=true”
- “discovery.type=single-node”
- “action.auto_create_index=false”
- “plugins.security.ssl.http.enabled=false”
- “plugins.security.disabled=true”
ulimits:
memlock:
hard: -1
soft: -1
nofile:
soft: 65536
hard: 65536
volumes:
- “os_data:/usr/share/opensearch/data”
restart: “on-failure”
graylog:
hostname: “server”
image: “${GRAYLOG_IMAGE:-graylog/graylog:5.1.5}”
depends_on:
opensearch:
condition: “service_started”
mongodb:
condition: “service_started”
entrypoint: “/usr/bin/tini – wait-for-it opensearch:9200 – /docker-entrypoint.sh”
environment:
GRAYLOG_NODE_ID_FILE: “/usr/share/graylog/data/config/node-id”
GRAYLOG_PASSWORD_SECRET: “$${GRAYLOG_PASSWORD_SECRET:?Please configure GRAYLOG_PASSWORD_SECRET in the .env file}”
GRAYLOG_ROOT_PASSWORD_SHA2: “$${GRAYLOG_ROOT_PASSWORD_SHA2:?Please configure GRAYLOG_ROOT_PASSWORD_SHA2 in the .env file}”
GRAYLOG_HTTP_BIND_ADDRESS: “0.0.0.0:9000”
GRAYLOG_HTTP_EXTERNAL_URI: “http://localhost:9000/”
GRAYLOG_ELASTICSEARCH_HOSTS: “http://opensearch:9200”
GRAYLOG_MONGODB_URI: “mongodb://mongodb:27017/graylog”
ports:
- “5044:5044/tcp” # Beats
- “5140:5140/udp” # Syslog
- “5140:5140/tcp” # Syslog
- “5555:5555/tcp” # RAW TCP
- “5555:5555/udp” # RAW TCP
- “9000:9000/tcp” # Server API
- “12201:12201/tcp” # GELF TCP
- “12201:12201/udp” # GELF UDP
#- “10000:10000/tcp” # Custom TCP port
#- “10000:10000/udp” # Custom UDP port
- “13301:13301/tcp” # Forwarder data
- “13302:13302/tcp” # Forwarder config
volumes:
- “graylog_data:/usr/share/graylog/data/data”
- “graylog_journal:/usr/share/graylog/data/journal”
restart: “on-failure”
volumes:
mongodb_data:
os_data:
graylog_data:
graylog_journal:
graylog.env
# You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
# Generate one by using for example: pwgen -N 1 -s 96
# ATTENTION: This value must be the same on all Graylog nodes in the cluster.
# Changing this value after installation will render all user sessions and encrypted values in the database invalid. (e.g. encrypted access tokens)
GRAYLOG_PASSWORD_SECRET=“AYxn7O0Fg3YJkpVhKQHgiWzfWs1JhvahMBG11twfIdlRwExUXHblts9XlYyt7zQTIo8Zj4vNgqtFkj5wsysUVMMX4hvlHIRV”
# You MUST specify a hash password for the root user (which you only need to initially set up the
# system and in case you lose connectivity to your authentication backend)
# This password cannot be changed using the API or via the web interface. If you need to change it,
# modify it in this file.
# Create one by using for example: echo -n yourpassword | shasum -a 256
# and put the resulting hash value into the following line
# CHANGE THIS!
GRAYLOG_ROOT_PASSWORD_SHA2=“ce1dedff58447c834034af15c7c139aa1ad6149366ad8c87984058ae98ae4dae”
3. What steps have you already taken to try and solve the problem?
I have generated a number of hashes using also passwords that have no special characters, each time restarting or even tried to delete all my containers and images and have them built again.