Hi Jo,
I did follow the document in the link and I couldn’t make it work.
HAProxy:
frontend graylog_https
bind *:443
option forwardfor
http-request add-header X-Forwarded-Host %[req.hdr(host)]
http-request add-header X-Forwarded-Server %[req.hdr(host)]
http-request add-header X-Forwarded-Port %[dst_port]
acl is_graylog hdr_dom(host) -i -m str example.graylog.com
use_backend graylog
backend graylog
description The Graylog Web backend.
balance roundrobin
option httpchk HEAD /api/system/lbstatus
http-request set-header X-Graylog-Server-URL https://example.graylog.com/api
server graylog1 10.10.10.10:9000 maxconn 20 check
server graylog2 10.10.10.11:9000 maxconn 20 check
GRAYLOG NODE 1:
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = [redacted]
root_password_sha2 = [redacted]
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = https://10.10.10.10:9000/api/
rest_enable_tls = true
rest_tls_cert_file = /graylog/ssl-keys/Test-Certificate.pem
rest_tls_key_file = /graylog/ssl-keys/Test-PriKey.pem
web_listen_uri = http://10.10.10.10:9000/
web_enable_tls = true
web_tls_cert_file = /graylog/ssl-keys/Test-Certificate.pem
web_tls_key_file = /graylog/ssl-keys/Test-PriKey.pem
elasticsearch_hosts = http://10.10.10.10:9200,http://10.10.10.11:9200
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 64
outputbuffer_processors = 64
processor_wait_strategy = blocking
ring_size = 131072
inputbuffer_ring_size = 131072
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
message_journal_max_size = 10gb
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://10.10.10.10,10.10.10.11/graylog
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
transport_email_enabled = true
transport_email_hostname = smtpio.testing.com
transport_email_port = 25
transport_email_use_auth = false
transport_email_use_tls = false
transport_email_use_ssl = false
transport_email_subject_prefix = [graylog-alerts]
transport_email_from_email = graylog-alerts@testing.com
transport_email_web_interface_url = https://10.10.10.10:9000
content_packs_dir = /usr/share/graylog-server/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32
allow_highlighting = true
GRAYLOG NODE 2:
is_master = false
node_id_file = /etc/graylog/server/node-id
password_secret = [redacted]
root_password_sha2 = [redacted]
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = https://10.10.10.11:9000/api/
rest_enable_tls = true
rest_tls_cert_file = /graylog/ssl-keys/Test-Certificate.pem
rest_tls_key_file = /graylog/ssl-keys/Test-PriKey.pem
web_listen_uri = http://10.10.10.11:9000/
web_enable_tls = true
web_tls_cert_file = /graylog/ssl-keys/Test-Certificate.pem
web_tls_key_file = /graylog/ssl-keys/Test-PriKey.pem
elasticsearch_hosts = http://10.10.10.10:9200,http://10.10.10.11:9200
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 64
outputbuffer_processors = 64
processor_wait_strategy = blocking
ring_size = 131072
inputbuffer_ring_size = 131072
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
message_journal_max_size = 10gb
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://10.10.10.10,10.10.10.11/graylog
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
transport_email_enabled = true
transport_email_hostname = smtpio.testing.com
transport_email_port = 25
transport_email_use_auth = false
transport_email_use_tls = false
transport_email_use_ssl = false
transport_email_subject_prefix = [graylog-alerts]
transport_email_from_email = graylog-alerts@testing.com
transport_email_web_interface_url = https://10.10.10.11:9000
content_packs_dir = /usr/share/graylog-server/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32
allow_highlighting = true
When I try to access https://example.graylog.com page is not opening. Can you help me what I am doing wrong. Thanks