Fresh AWS AMI installation


(Kevin Rook) #1

Just spun up a new AWS AMI of Graylog.

but when i visit the url http://PublicIP:9000

i get this error

Error message
Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.
Original Request
GET http://PublicIP:9000/api/system/sessions
Status code
undefined
Full error message
Error: Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.

Regards

Kevin


(Jan Doberstein) #2
  • Did you check the security Group?
  • Did you check if a Firewall is in between?
  • Can you reach your Browser the PUBLICIP on Port 9000?

(Kevin Rook) #3

Jan,

Thanks for your reply.

Yes i get to the login screen on my public ip :9000

But there’s a grey box that says its loading and then the above message.

I used the AWS AMI listed in your github repo.

I also ran the graylog-ctl setup public ip then reconfigure. But that didn’t solve it either.

I then also set the public up in the graylog.conf

But still no joy…


(Jan Doberstein) #4

From what you describe, your Browser is not able to connect to the Graylog API.

As you use the AMI, can you please share your /etc/graylog/graylog-settings.json maybe we can spot something wrong on that. Or it is simple just some kind of security group that disallow the connection.


(Kevin Rook) #5

sorry for the delay, i was off on Annual Leave.

contents of /etc/graylog/graylog-settings.json

{
“timezone”: “Etc/UTC”,
“smtp_server”: “”,
“smtp_port”: 587,
“smtp_user”: “”,
“smtp_password”: “”,
“smtp_from_email”: null,
“smtp_web_url”: null,
“smtp_no_tls”: false,
“smtp_no_ssl”: false,
“master_node”: “127.0.0.1”,
“local_connect”: false,
“current_address”: “172.31.45.198”,
“last_address”: “172.31.45.198”,
“enforce_ssl”: false,
“journal_size”: 1,
“node_id”: false,
“internal_logging”: true,
“web_listen_uri”: false,
“web_endpoint_uri”: false,
“rest_listen_uri”: false,
“rest_transport_uri”: false,
“external_rest_uri”: “http://18.223.157.186:9000/api/”,
“custom_attributes”: {

}
& screen shot showing my security rules.
Regards

Kevin


(Jan Doberstein) #6

He Kevin,

not sure about the issue - it might be related to your installation. Access to your API (the external Endpoint) is possible. But when using a Browser it runs into a timeout.

http GET http://18.223.157.186:9000/api/
HTTP/1.1 200 OK
Content-Length: 232
Content-Type: application/json
Date: Mon, 10 Sep 2018 14:03:58 GMT
X-Graylog-Node-ID: 6019884e-2532-485c-a77d-5a14f273bf97
X-Runtime-Microseconds: 2631

{
    "cluster_id": "ae3f3ac8-375d-4f08-9ce6-3f56c1d13efe",
    "node_id": "6019884e-2532-485c-a77d-5a14f273bf97",
    "tagline": "Manage your logs in the dark and have lasers going and make it look like you're from space!",
    "version": "2.4.6+ceaa7e4"

04

I guess that the system might be a little bit underpowered and does not answer in time. What can be found in your Graylog server.log? ( http://docs.graylog.org/en/2.4/pages/configuration/file_location.html#omnibus-package )