Does GrayLog need internet access !? If so why?

Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question.
Don’t forget to select tags to help index your topic!
I just installed GrayLog in an protected network zone. My systems in that zone, are normally not allowed to access the internet, for security reasons.

However on my firewall I see that GrayLog constantly tries to access and Addresses which do not belong to anyone conform whois :frowning: . What ever I tend to block this!
No reason to access the internet, apart from updates, as far as me is concerned.

1. Describe your incident:

2. Describe your environment:

  • OS Information:
    FreeBSD (TrueNAS-13.0-U3.1 jail)

  • Package Version:


  • Service logs, configurations, and environment variables:

3. What steps have you already taken to try and solve the problem?

4. How can the community help?

Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]

Hi @louis

$ whois

# ARIN WHOIS data and services are subject to the Terms of Use
# available at:
# If you see inaccuracies in the results, please report at
# Copyright 1997-2022, American Registry for Internet Numbers, Ltd.

NetRange: -
NetHandle:      NET-172-64-0-0-1
Parent:         NET172 (NET-172-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS13335
Organization:   Cloudflare, Inc. (CLOUD14)
RegDate:        2015-02-25
Updated:        2021-05-26
Comment:        All Cloudflare abuse reporting can be done via

OrgName:        Cloudflare, Inc.
OrgId:          CLOUD14
Address:        101 Townsend Street
City:           San Francisco
StateProv:      CA
PostalCode:     94107
Country:        US
RegDate:        2010-07-09
Updated:        2021-07-01

Why does GL need to contact CloudFlare? One of the reasons I can think of is to check whether there is a new version out there ( DNS is handled by CloudFlare). And, if there is one, I am sure you’d like to keep your GL server up-to-date with the latest and greatest features and bug fixes.


1 Like

Yep, but CloudFare is just like Amazon just ‘Cloud’ Every body can hide there !!!

The only address I would accept is !!
Surely for ‘servers in the green zone’.

It like emails I receive from 'On behalf of supplier . There is no guaranty at all that that is true. So I tend to throw those mails away …

Hey, @louis

Out of curiosity do you have the Enterprise Plugins install?

No, I am private user using graylog to collect alarms from pfsense and in the future probably other computers in my network.