We are running a Graylog instance behind a Load Balancer with only one node for now.
I have tried sending GELF UDP messages from a NodeJs App using the graylog2 npm package and also winston-graylog2 but the messages are not arriving to my input.
I have SSH’d into the instance and I’m able to send messages directly using curl like this:
echo '{"version": "1.1","host":"david.org","short_message":"A short message that helps you identify what is going on","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}' | nc -w 1 -u localhost 12201
But if try using the same command and changing localhost to the load balancer endpoint (also tried the public IP, and the DNS) but I’m not seeing any messages arriving to the input.
I’ve also tried the GELF TCP input and the situation is the same: I can send messages from the instance but not from outside the load balancer.
I’m not sure, but it seems like a configuration issue in the LB.
Can anyone point me in the right direction of what might be happening?
Hey there. Thanks for opening this topic and welcome to the community. I noticed you didn’t include much of the information we ask for in the topic template. That makes it hard for folks in the community to help.
As it stands, it seems like Graylog isn’t really the problem, but your load balancer. What LB tech are you using? What’s the configuration look like? Have you tried any pcaps on the LB to ensure that messages are reaching it?
Ah, that would seem to be it. The application load balancer is designed to route HTTP requests and lives at layer 7. I think you’d be better served for your inputs at least, to use a network load balancer. The application load balancer would fit more of a case where you’re routing requests to the UI or API.
