Error getting data / Node

“Error getting data / node 5404ceb7 / srv0colectorlog”:

1. Describe your incident: I am experiencing an error in Graylog in a CentOS 7 environment. The error I am seeing is “Error getting data / node 5404ceb7 / srv0colectorlog”.

2. Describe your environment:

  • Operating System Information: CentOS 7
  • Package Version: 4.xx version.
  • Service logs, configurations, and environment variables: No information was provided on service logs, configurations, and environment variables.

3. What steps have you already taken to try and solve the problem? No information was provided on steps that have been taken to try and solve the problem.

4. How can the community help? I would like advice or suggestions on how to resolve the error I am experiencing in Graylog in a CentOS 7 environment. Is there any service log I should check or any configuration I should adjust to fix this problem?

Hey @gerarmoran

Was this error shown in the API browser?

SSL returns 500 in cases when some parameters of request is set incorrect.

Currently, when accessing the node section and selecting the server, it shows me that API error. I would like to know the solution to this error.

2023-04-19T21:49:32.229-05:00 WARN [CorrelationEventProcessor] No valid Enterprise license found - not executing event correlation <SOURCE: 30 minutes silent sender/622915252569ab00dd204b96>
2023-04-19T21:49:32.450-05:00 WARN [ProxiedResource] Unable to call on node <5404ceb7-ca56-4e24-9cec-36a3c354a731>: PKIX path building failed: unable to find valid certification path to requested target
2023-04-19T21:49:32.510-05:00 ERROR [FileInfo] Couldn’t get file info for path: /etc/graylog/server/service-names-port-numbers.csv
java.nio.file.NoSuchFileException: /etc/graylog/server/service-names-port-numbers.csv
at sun.nio.fs.UnixException.translateToIOException( ~[?:1.8.0_312]
at sun.nio.fs.UnixException.rethrowAsIOException( ~[?:1.8.0_312]
at sun.nio.fs.UnixException.rethrowAsIOException( ~[?:1.8.0_312]
at sun.nio.fs.UnixFileAttributeViews$Basic.readAttributes( ~[?:1.8.0_312]
at sun.nio.fs.UnixFileSystemProvider.readAttributes( ~[?:1.8.0_312]
at sun.nio.fs.LinuxFileSystemProvider.readAttributes( ~[?:1.8.0_312]
at java.nio.file.Files.readAttributes( ~[?:1.8.0_312]
at org.graylog2.plugin.utilities.FileInfo.forPath( ~[graylog.jar:?]
at org.graylog2.plugin.utilities.FileInfo.checkForChange( ~[graylog.jar:?]
at org.graylog2.lookup.adapters.CSVFileDataAdapter.doRefresh( ~[graylog.jar:?]
at org.graylog2.plugin.lookup.LookupDataAdapter.refresh( ~[graylog.jar:?]
at org.graylog2.lookup.LookupDataAdapterRefreshService.lambda$schedule$0( ~[graylog.jar:?]
at java.util.concurrent.Executors$ [?:1.8.0_312]
at java.util.concurrent.FutureTask.runAndReset( [?:1.8.0_312]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301( [?:1.8.0_312]
at java.util.concurrent.ScheduledThreadPoolExecutor$ [?:1.8.0_312]
at java.util.concurrent.ThreadPoolExecutor.runWorker( [?:1.8.0_312]
at java.util.concurrent.ThreadPoolExecutor$ [?:1.8.0_312]
at [?:1.8.0_312]
2023-04-19T21:49:32.510-05:00 ERROR [CSVFileDataAdapter] Couldn’t check data adapter CSV file /etc/graylog/server/service-names-port-numbers.csv for updates: java.nio.file.NoSuchFileException /etc/graylog/server/service-names-port-numbers.csv
2023-04-19T21:49:33.538-05:00 WARN [ProxiedResource] Unable to call on node <5404ceb7-ca56-4e24-9cec-36a3c354a731>: PKIX path building failed: unable to find valid certification path to requested target

Hey @gerarmoran

Normally when you see this is because Graylog cant not find your certs, ensure there in the correct keystore and if your using a different keystore you need to make adjustment to show Graylog where its at.

Example and I quote:

In order for the JVM to pick up the new trust store, it has to be started with the JVM parameter If you’ve been using another password to encrypt the JVM trust store than the default changeit, you additionally have to set the JVM parameter

If your using JAVA default keystore " cacerts" this should not be an issue unless you have multiple JAVA installation.


Check the version

java -version

This will tell you which one your using and shows full path.

sudo update-alternatives --config java

Make sure Graylog has access to the certificates, just an idea for a Dev setup, place them in Graylog Home directory /etc/graylog , because Graylog has accesss to its own directory.

just an idea check these out here

I currently don’t have the API key
I could create the key again or restore?..If so, please help me by indicating the steps

Hey @gerarmoran

I believe this is a “keystore” issue.Unfortunately I dont think there is an API for that.

Hey gerarmoran, I had the same problem. After every update I have to put the ssl cert back in the truststore. This is verrry easy. At first you need keytool and you have to find your cert in pem format.
search the truststore of graylog like this:

sudo find / -name cacerts

the truststore is somthing like

now with keytool you can import the cert in the truststore.

sudo keytool -import -keystore /usr/share/elasticsearch/jdk/lib/security/cacerts -file /yor/cert/path

the default keystore password is changeit.


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.