Give indices:admin/template/put permission to user datanode

mcury · April 30, 2025, 1:59pm

Well, that was much much much easier than I initially thought.
Really thanks Tomas Dvorak.

openssl x509 -in cert_mycert.crt -noout -subject
subject=CN = datanode

cat /etc/graylog/datanode/overrideconfig.conf
plugins.security.authcz.admin_dn = CN = datanode

cat /etc/graylog/datanode/datanode.conf | grep overri
opensearch_configuration_overrides_file = /etc/graylog/datanode/overrideconfig.conf

Then, restarted graylog-datanode and the CURL PUT command worked.
I’ll be doing some tests now.

 curl -X PUT --key mykey.crt --cert mycert.crt --cacert myca.crt https://rpi5.home.arpa:9200/_template/graylog_template -H 'Content-Type: application/json' -d '{
  "index_patterns": ["ipfix_*"],
  "settings": {
    "index.translog.flush_threshold_size": "2gb",
    "index.merge.scheduler.max_thread_count": 1,
    "index.translog.durability": "async",
    "index.translog.sync_interval": "10s",
    "index.refresh_interval": "30s",
    "index.merge.policy.max_merge_at_once": 5
  }
}'
{"acknowledged":true}

Topic		Replies	Views
Graylog Datanode: admin access using client certification Graylog Central (peer support) docker , curl , data-node	3	502	November 13, 2024
Certificate issue Graylog Central (peer support) data-node	9	174	July 7, 2025
Elasticsearch cluster datanode-cluster is red. Shards: 1 unassigned Graylog Central (peer support) docker , data-node	5	404	September 2, 2024
Failled to add new Datanode Graylog Central (peer support) data-node	25	409	June 5, 2025
Clean up graylog-datanode indices (_all) Graylog Central (peer support) data-node	2	191	April 12, 2025

Give indices:admin/template/put permission to user datanode

Related topics