Graylog behind load balancer, GELF UDP input not receiving messages

We are running a Graylog instance behind a Load Balancer with only one node for now.

I have tried sending GELF UDP messages from a NodeJs App using the graylog2 npm package and also winston-graylog2 but the messages are not arriving to my input.

I have SSH’d into the instance and I’m able to send messages directly using curl like this:

echo '{"version": "1.1","host":"","short_message":"A short message that helps you identify what is going on","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}' | nc -w 1 -u localhost 12201

But if try using the same command and changing localhost to the load balancer endpoint (also tried the public IP, and the DNS) but I’m not seeing any messages arriving to the input.

I’ve also tried the GELF TCP input and the situation is the same: I can send messages from the instance but not from outside the load balancer.

I’m not sure, but it seems like a configuration issue in the LB.

Can anyone point me in the right direction of what might be happening?


Hey there. Thanks for opening this topic and welcome to the community. I noticed you didn’t include much of the information we ask for in the topic template. That makes it hard for folks in the community to help.

As it stands, it seems like Graylog isn’t really the problem, but your load balancer. What LB tech are you using? What’s the configuration look like? Have you tried any pcaps on the LB to ensure that messages are reaching it?

We’re running the Graylog instance behind an Application AWS ELB Load Balancer. We haven’t done any pcap on the balancer.

Could this issue be related to the LB being Application type instead of a Network Balancer?

I will update my original post with more details.

Ah, that would seem to be it. The application load balancer is designed to route HTTP requests and lives at layer 7. I think you’d be better served for your inputs at least, to use a network load balancer. The application load balancer would fit more of a case where you’re routing requests to the UI or API.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.