Cleanest solution to 'input failed' and binding to privileged ports (systemd users)

If your syslog input fails to start it’s probably because the graylog-server service is attempting to bind to a priveleged UDP port (514 < 1024).

If your system uses systemd as the init system (most these days), then there’s a very clean fix.

You need to find and edit the systemd unit file, which will named graylog-server.service.

vi /usr/lib/systemd/system/graylog-server.service

Add these lines to the [Service] section:

# allow binding to 514
AmbientCapabilities=CAP_NET_BIND_SERVICE

Then reload the server:

systemctl reload graylog-server

Inputs should start automatically.

2 Likes

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.