Graylog don’t start after install

Hello,

I have installed graylog with the howto (Debian) from this site
docs.graylog.org/en/2.4/pages/installation/os/debian.html.
After the install the website is showing with the message Server currently unavailable!

2018-09-08 20_18_19-Window.png605×504 37.8 KB

my config:
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret = hEjxZY4cvZRXIfoPTxaDRD8Sli9JXAwsZtMczYmAMCM83TXMdSIwsVYAZtAvw2bpdgVebIUstromeMLY8MsXSjG0AteDj64O
root_password_sha2 = e137c92ece5b149d6a8abd86d6c9ee8696577f7a916f90840063b7cb8f835874
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://127.0.0.1:9000/api/
web_listen_uri = http://192.168.178.5:9000/
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://localhost/graylog
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
content_packs_dir = /usr/share/graylog-server/contentpacks
content_packs_auto_load = grok-patterns.json
proxied_requests_thread_pool_size = 32

server.log:

// 2018-09-08T20:48:39.399+02:00 INFO [GracefulShutdown] Graceful shutdown initiated. 2018-09-08T20:48:39.403+02:00 INFO [GracefulShutdown] Node status: [Halting [LB:DEAD]]. Waiting <3sec> for possible load balancers to recognize state change. 2018-09-08T20:48:43.414+02:00 INFO [Buffers] Waiting until all buffers are empty. 2018-09-08T20:48:43.417+02:00 INFO [Buffers] All buffers are empty. Continuing. 2018-09-08T20:48:43.419+02:00 INFO [OutputSetupService] Stopping output org.graylog2.outputs.BlockingBatchedESOutput 2018-09-08T20:48:43.424+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.AlertScannerThread]. 2018-09-08T20:48:43.424+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.AlertScannerThread] complete, took <0ms>. 2018-09-08T20:48:43.424+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread]. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] complete, took <0ms>. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.ClusterHealthCheckThread]. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.ClusterHealthCheckThread] complete, took <0ms>. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexerClusterCheckerThread]. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexerClusterCheckerThread] complete, took <0ms>. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexRetentionThread]. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexRetentionThread] complete, took <0ms>. 2018-09-08T20:48:43.425+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexRotationThread]. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexRotationThread] complete, took <0ms>. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.VersionCheckThread]. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.VersionCheckThread] complete, took <0ms>. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.ThrottleStateUpdaterThread]. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.ThrottleStateUpdaterThread] complete, took <0ms>. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.events.ClusterEventPeriodical]. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.events.ClusterEventPeriodical] complete, took <0ms>. 2018-09-08T20:48:43.426+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.events.ClusterEventCleanupPeriodical]. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.events.ClusterEventCleanupPeriodical] complete, took <0ms>. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexRangesCleanupPeriodical]. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexRangesCleanupPeriodical] complete, took <0ms>. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.TrafficCounterCalculator]. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.TrafficCounterCalculator] complete, took <0ms>. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread]. 2018-09-08T20:48:43.427+02:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] complete, took <0ms>. 2018-09-08T20:48:43.428+02:00 INFO [GracefulShutdown] Goodbye. 2018-09-08T20:48:43.432+02:00 INFO [JournalReader] Stopping. 2018-09-08T20:48:43.452+02:00 INFO [JerseyService] Shutting down HTTP listener at <http://127.0.0.1:9000/api/> 2018-09-08T20:48:43.453+02:00 INFO [LookupTableService] Cache otx-api-domain-cache/5b9312c11dc063e5bcaf3c45 [@317d8127] STOPPING, was RUNNING 2018-09-08T20:48:43.459+02:00 INFO [LookupTableService] Cache otx-api-ip-cache/5b9312c11dc063e5bcaf3c43 [@3603e42] STOPPING, was RUNNING 2018-09-08T20:48:43.459+02:00 INFO [LogManager] Shutting down. 2018-09-08T20:48:43.460+02:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@5c90bbb2] STOPPING, was RUNNING 2018-09-08T20:48:43.462+02:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5b9312c11dc063e5bcaf3c46 [@3e372de0] STOPPING, was RUNNING 2018-09-08T20:48:43.462+02:00 INFO [LookupTableService] Cache whois-cache/5b9312c11dc063e5bcaf3c42 [@6f78929b] STOPPING, was RUNNING 2018-09-08T20:48:43.465+02:00 INFO [LookupTableService] Cache otx-api-domain-cache/5b9312c11dc063e5bcaf3c45 [@317d8127] TERMINATED, was STOPPING 2018-09-08T20:48:43.470+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5b9312c11dc063e5bcaf3c4c [@5af53502] STOPPING, was RUNNING 2018-09-08T20:48:43.471+02:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@5c90bbb2] TERMINATED, was STOPPING 2018-09-08T20:48:43.471+02:00 INFO [LookupTableService] Cache otx-api-ip-cache/5b9312c11dc063e5bcaf3c43 [@3603e42] TERMINATED, was STOPPING 2018-09-08T20:48:43.471+02:00 INFO [LookupTableService] Cache whois-cache/5b9312c11dc063e5bcaf3c42 [@6f78929b] TERMINATED, was STOPPING 2018-09-08T20:48:43.471+02:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5b9312c11dc063e5bcaf3c46 [@3e372de0] TERMINATED, was STOPPING 2018-09-08T20:48:43.476+02:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5b9312c11dc063e5bcaf3c49 [@38307831] STOPPING, was RUNNING 2018-09-08T20:48:43.477+02:00 INFO [LookupTableService] Data Adapter otx-api-ip/5b9312c11dc063e5bcaf3c48 [@66683d18] STOPPING, was RUNNING 2018-09-08T20:48:43.477+02:00 INFO [LookupTableService] Data Adapter whois/5b9312c21dc063e5bcaf3c4f [@38261590] STOPPING, was RUNNING 2018-09-08T20:48:43.477+02:00 INFO [LookupTableService] Data Adapter tor-exit-node/5b9312c11dc063e5bcaf3c4e [@209aa694] STOPPING, was RUNNING 2018-09-08T20:48:43.477+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5b9312c11dc063e5bcaf3c4a [@5d7f1f4e] STOPPING, was RUNNING 2018-09-08T20:48:43.480+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5b9312c11dc063e5bcaf3c4c [@5af53502] TERMINATED, was STOPPING 2018-09-08T20:48:43.480+02:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5b9312c11dc063e5bcaf3c49 [@38307831] TERMINATED, was STOPPING 2018-09-08T20:48:43.480+02:00 INFO [LookupTableService] Data Adapter otx-api-ip/5b9312c11dc063e5bcaf3c48 [@66683d18] TERMINATED, was STOPPING 2018-09-08T20:48:43.481+02:00 INFO [LookupTableService] Data Adapter whois/5b9312c21dc063e5bcaf3c4f [@38261590] TERMINATED, was STOPPING 2018-09-08T20:48:43.481+02:00 INFO [LookupTableService] Data Adapter otx-api-domain/5b9312c11dc063e5bcaf3c4d [@352607e0] STOPPING, was RUNNING 2018-09-08T20:48:43.483+02:00 INFO [LookupTableService] Data Adapter tor-exit-node/5b9312c11dc063e5bcaf3c4e [@209aa694] TERMINATED, was STOPPING 2018-09-08T20:48:43.490+02:00 INFO [LookupTableService] Data Adapter otx-api-domain/5b9312c11dc063e5bcaf3c4d [@352607e0] TERMINATED, was STOPPING 2018-09-08T20:48:43.491+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5b9312c11dc063e5bcaf3c4a [@5d7f1f4e] TERMINATED, was STOPPING 2018-09-08T20:48:43.491+02:00 INFO [LookupDataAdapterRefreshService] Stopping 0 jobs 2018-09-08T20:48:43.509+02:00 INFO [NetworkListener] Stopped listener bound to [127.0.0.1:9000] 2018-09-08T20:48:43.510+02:00 INFO [JerseyService] Shutting down HTTP listener at <http://192.168.178.5:9000/> 2018-09-08T20:48:43.529+02:00 INFO [NetworkListener] Stopped listener bound to [192.168.178.5:9000] 2018-09-08T20:48:43.531+02:00 INFO [LogManager] Shutdown complete. 2018-09-08T20:48:43.531+02:00 INFO [ServiceManagerListener] Services are now stopped. 2018-09-08T20:49:23.560+02:00 INFO [CmdLineTool] Loaded plugin: AWS plugins 2.4.6 [org.graylog.aws.plugin.AWSPlugin] 2018-09-08T20:49:23.563+02:00 INFO [CmdLineTool] Loaded plugin: Elastic Beats Input 2.4.6 [org.graylog.plugins.beats.BeatsInputPlugin] 2018-09-08T20:49:23.564+02:00 INFO [CmdLineTool] Loaded plugin: CEF Input 2.4.6 [org.graylog.plugins.cef.CEFInputPlugin] 2018-09-08T20:49:23.565+02:00 INFO [CmdLineTool] Loaded plugin: Collector 2.4.6 [org.graylog.plugins.collector.CollectorPlugin] 2018-09-08T20:49:23.566+02:00 INFO [CmdLineTool] Loaded plugin: Enterprise Integration Plugin 2.4.6 [org.graylog.plugins.enterprise_integration.EnterpriseIntegrationPlugin] 2018-09-08T20:49:23.567+02:00 INFO [CmdLineTool] Loaded plugin: MapWidgetPlugin 2.4.6 [org.graylog.plugins.map.MapWidgetPlugin] 2018-09-08T20:49:23.568+02:00 INFO [CmdLineTool] Loaded plugin: NetFlow Plugin 2.4.6 [org.graylog.plugins.netflow.NetFlowPlugin] 2018-09-08T20:49:23.577+02:00 INFO [CmdLineTool] Loaded plugin: Pipeline Processor Plugin 2.4.6 [org.graylog.plugins.pipelineprocessor.ProcessorPlugin] 2018-09-08T20:49:23.579+02:00 INFO [CmdLineTool] Loaded plugin: Threat Intelligence Plugin 2.4.6 [org.graylog.plugins.threatintel.ThreatIntelPlugin] 2018-09-08T20:49:24.041+02:00 INFO [CmdLineTool] Running with JVM arguments: -Xms1g -Xmx1g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml -Djava.library.path=/usr/share/graylog-server/lib/sigar -Dgraylog2.installation_source=deb 2018-09-08T20:49:24.332+02:00 INFO [Version] HV000001: Hibernate Validator 5.1.3.Final 2018-09-08T20:49:28.158+02:00 INFO [InputBufferImpl] Message journal is enabled. 2018-09-08T20:49:28.189+02:00 INFO [NodeId] Node ID: b8253c74-e314-4f46-af45-f4029301c433 2018-09-08T20:49:28.487+02:00 INFO [LogManager] Loading logs. 2018-09-08T20:49:28.587+02:00 INFO [LogManager] Logs loading complete. 2018-09-08T20:49:28.587+02:00 INFO [KafkaJournal] Initialized Kafka based journal at /var/lib/graylog-server/journal 2018-09-08T20:49:28.612+02:00 INFO [InputBufferImpl] Initialized InputBufferImpl with ring size <65536> and wait strategy <BlockingWaitStrategy>, running 2 parallel message handlers. 2018-09-08T20:49:28.652+02:00 INFO [cluster] Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000} 2018-09-08T20:49:28.816+02:00 INFO [cluster] No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, serverDescriptions=[ServerDescription{address=localhost:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 2018-09-08T20:49:28.877+02:00 INFO [connection] Opened connection [connectionId{localValue:1, serverValue:60}] to localhost:27017 2018-09-08T20:49:28.889+02:00 INFO [cluster] Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 6, 7]}, minWireVersion=0, maxWireVersion=6, maxDocumentSize=16777216, roundTripTimeNanos=936437} 2018-09-08T20:49:28.914+02:00 INFO [connection] Opened connection [connectionId{localValue:2, serverValue:61}] to localhost:27017 2018-09-08T20:49:29.691+02:00 INFO [AbstractJestClient] Setting server pool to a list of 1 servers: [http://127.0.0.1:9200] 2018-09-08T20:49:29.693+02:00 INFO [JestClientFactory] Using multi thread/connection supporting pooling connection manager 2018-09-08T20:49:29.859+02:00 INFO [JestClientFactory] Using custom ObjectMapper instance 2018-09-08T20:49:29.859+02:00 INFO [JestClientFactory] Node Discovery disabled... 2018-09-08T20:49:29.860+02:00 INFO [JestClientFactory] Idle connection reaping disabled... 2018-09-08T20:49:30.549+02:00 INFO [ProcessBuffer] Initialized ProcessBuffer with ring size <65536> and wait strategy <BlockingWaitStrategy>. 2018-09-08T20:49:33.055+02:00 INFO [RulesEngineProvider] No static rules file loaded. 2018-09-08T20:49:33.367+02:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /etc/graylog/server/GeoLite2-City.mmdb 2018-09-08T20:49:33.390+02:00 INFO [OutputBuffer] Initialized OutputBuffer with ring size <65536> and wait strategy <BlockingWaitStrategy>. 2018-09-08T20:49:33.435+02:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /etc/graylog/server/GeoLite2-City.mmdb 2018-09-08T20:49:33.457+02:00 INFO [connection] Opened connection [connectionId{localValue:3, serverValue:62}] to localhost:27017 2018-09-08T20:49:33.485+02:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /etc/graylog/server/GeoLite2-City.mmdb 2018-09-08T20:49:33.533+02:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /etc/graylog/server/GeoLite2-City.mmdb 2018-09-08T20:49:33.576+02:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /etc/graylog/server/GeoLite2-City.mmdb 2018-09-08T20:49:33.968+02:00 INFO [ServerBootstrap] Graylog server 2.4.6+ceaa7e4 starting up 2018-09-08T20:49:33.972+02:00 INFO [ServerBootstrap] JRE: Oracle Corporation 1.8.0_181 on Linux 4.9.0-7-amd64 2018-09-08T20:49:33.972+02:00 INFO [ServerBootstrap] Deployment: deb 2018-09-08T20:49:33.973+02:00 INFO [ServerBootstrap] OS: Debian GNU/Linux 9 (stretch) (debian) 2018-09-08T20:49:33.973+02:00 INFO [ServerBootstrap] Arch: amd64 2018-09-08T20:49:34.028+02:00 INFO [PeriodicalsService] Starting 25 periodicals ... 2018-09-08T20:49:34.039+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThroughputCalculator] periodical in [0s], polling every [1s]. 2018-09-08T20:49:34.042+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.AlertScannerThread] periodical in [10s], polling every [60s]. 2018-09-08T20:49:34.042+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] periodical in [0s], polling every [1s]. 2018-09-08T20:49:34.043+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterHealthCheckThread] periodical in [120s], polling every [20s]. 2018-09-08T20:49:34.044+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.ContentPackLoaderPeriodical] periodical, running forever. 2018-09-08T20:49:34.045+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.GarbageCollectionWarningThread] periodical, running forever. 2018-09-08T20:49:34.045+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexerClusterCheckerThread] periodical in [0s], polling every [30s]. 2018-09-08T20:49:34.046+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRetentionThread] periodical in [0s], polling every [300s]. 2018-09-08T20:49:34.048+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRotationThread] periodical in [0s], polling every [10s]. 2018-09-08T20:49:34.050+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.NodePingThread] periodical in [0s], polling every [1s]. 2018-09-08T20:49:34.051+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.VersionCheckThread] periodical in [300s], polling every [1800s]. 2018-09-08T20:49:34.052+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThrottleStateUpdaterThread] periodical in [1s], polling every [1s]. 2018-09-08T20:49:34.052+02:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventPeriodical] periodical in [0s], polling every [1s]. 2018-09-08T20:49:34.054+02:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventCleanupPeriodical] periodical in [0s], polling every [86400s]. 2018-09-08T20:49:34.057+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterIdGeneratorPeriodical] periodical, running forever. 2018-09-08T20:49:34.064+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesMigrationPeriodical] periodical, running forever. 2018-09-08T20:49:34.064+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesCleanupPeriodical] periodical in [15s], polling every [3600s]. 2018-09-08T20:49:34.080+02:00 INFO [connection] Opened connection [connectionId{localValue:6, serverValue:65}] to localhost:27017 2018-09-08T20:49:34.081+02:00 INFO [connection] Opened connection [connectionId{localValue:4, serverValue:63}] to localhost:27017 2018-09-08T20:49:34.107+02:00 INFO [connection] Opened connection [connectionId{localValue:5, serverValue:64}] to localhost:27017 2018-09-08T20:49:34.109+02:00 INFO [connection] Opened connection [connectionId{localValue:8, serverValue:67}] to localhost:27017 2018-09-08T20:49:34.110+02:00 INFO [connection] Opened connection [connectionId{localValue:7, serverValue:66}] to localhost:27017 2018-09-08T20:49:34.111+02:00 INFO [connection] Opened connection [connectionId{localValue:10, serverValue:69}] to localhost:27017 2018-09-08T20:49:34.122+02:00 INFO [connection] Opened connection [connectionId{localValue:11, serverValue:70}] to localhost:27017 2018-09-08T20:49:34.123+02:00 INFO [connection] Opened connection [connectionId{localValue:9, serverValue:68}] to localhost:27017 2018-09-08T20:49:34.201+02:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.UserPermissionMigrationPeriodical] periodical. Not configured to run on this node. 2018-09-08T20:49:34.201+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.AlarmCallbacksMigrationPeriodical] periodical, running forever. 2018-09-08T20:49:34.210+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.ConfigurationManagementPeriodical] periodical, running forever. 2018-09-08T20:49:34.231+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.LdapGroupMappingMigration] periodical, running forever. 2018-09-08T20:49:34.239+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexFailuresPeriodical] periodical, running forever. 2018-09-08T20:49:34.250+02:00 INFO [Periodicals] Starting [org.graylog2.periodical.TrafficCounterCalculator] periodical in [0s], polling every [1s]. 2018-09-08T20:49:34.260+02:00 INFO [Periodicals] Starting [org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration] periodical, running forever. 2018-09-08T20:49:34.261+02:00 INFO [Periodicals] Starting [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] periodical in [0s], polling every [3600s]. 2018-09-08T20:49:34.279+02:00 INFO [LegacyDefaultStreamMigration] Legacy default stream has no connections, no migration needed. 2018-09-08T20:49:34.323+02:00 INFO [LookupTableService] Data Adapter tor-exit-node/5b9312c11dc063e5bcaf3c4e [@59c59f53] STARTING 2018-09-08T20:49:34.323+02:00 INFO [LookupTableService] Data Adapter otx-api-domain/5b9312c11dc063e5bcaf3c4d [@3c0ef3ce] STARTING 2018-09-08T20:49:34.323+02:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5b9312c11dc063e5bcaf3c49 [@638d69f] STARTING 2018-09-08T20:49:34.323+02:00 INFO [LookupTableService] Data Adapter whois/5b9312c21dc063e5bcaf3c4f [@6505113d] STARTING 2018-09-08T20:49:34.323+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5b9312c11dc063e5bcaf3c4a [@3db357ff] STARTING 2018-09-08T20:49:34.324+02:00 WARN [OTXDataAdapter] OTX API key is missing. Make sure to add the key to allow higher request limits. 2018-09-08T20:49:34.329+02:00 ERROR [LookupDataAdapter] Couldn't start data adapter <tor-exit-node/5b9312c11dc063e5bcaf3c4e/@59c59f53> org.graylog.plugins.threatintel.tools.AdapterDisabledException: TOR service is disabled, not starting TOR exit addresses adapter. To enable it please go to System / Configurations. at org.graylog.plugins.threatintel.adapters.tor.TorExitNodeDataAdapter.doStart(TorExitNodeDataAdapter.java:73) ~[?:?] at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:59) [graylog.jar:?] at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?] at com.google.common.util.concurrent.Callables$4.run(Callables.java:122) [graylog.jar:?] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181] 2018-09-08T20:49:34.333+02:00 INFO [LookupTableService] Data Adapter otx-api-ip/5b9312c11dc063e5bcaf3c48 [@3621d683] STARTING 2018-09-08T20:49:34.333+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5b9312c11dc063e5bcaf3c4c [@5a8c77fd] STARTING 2018-09-08T20:49:34.334+02:00 ERROR [LookupDataAdapter] Couldn't start data adapter <abuse-ch-ransomware-ip/5b9312c11dc063e5bcaf3c4c/@5a8c77fd> org.graylog.plugins.threatintel.tools.AdapterDisabledException: Abuse.ch service is disabled, not starting adapter. To enable it please go to System / Configurations. at org.graylog.plugins.threatintel.adapters.abusech.AbuseChRansomAdapter.doStart(AbuseChRansomAdapter.java:80) ~[?:?] at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:59) [graylog.jar:?] at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?] at com.google.common.util.concurrent.Callables$4.run(Callables.java:122) [graylog.jar:?] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181] 2018-09-08T20:49:34.333+02:00 WARN [OTXDataAdapter] OTX API key is missing. Make sure to add the key to allow higher request limits. 2018-09-08T20:49:34.329+02:00 ERROR [LookupDataAdapter] Couldn't start data adapter <spamhaus-drop/5b9312c11dc063e5bcaf3c49/@638d69f> org.graylog.plugins.threatintel.tools.AdapterDisabledException: Spamhaus service is disabled, not starting (E)DROP adapter. To enable it please go to System / Configurations. at org.graylog.plugins.threatintel.adapters.spamhaus.SpamhausEDROPDataAdapter.doStart(SpamhausEDROPDataAdapter.java:68) ~[?:?] at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:59) [graylog.jar:?] at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?] at com.google.common.util.concurrent.Callables$4.run(Callables.java:122) [graylog.jar:?] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181] 2018-09-08T20:49:34.333+02:00 ERROR [LookupDataAdapter] Couldn't start data adapter <abuse-ch-ransomware-domains/5b9312c11dc063e5bcaf3c4a/@3db357ff> org.graylog.plugins.threatintel.tools.AdapterDisabledException: Abuse.ch service is disabled, not starting adapter. To enable it please go to System / Configurations. at org.graylog.plugins.threatintel.adapters.abusech.AbuseChRansomAdapter.doStart(AbuseChRansomAdapter.java:80) ~[?:?] at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:59) [graylog.jar:?] at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?] at com.google.common.util.concurrent.Callables$4.run(Callables.java:122) [graylog.jar:?] at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181] 2018-09-08T20:49:34.349+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5b9312c11dc063e5bcaf3c4c [@5a8c77fd] RUNNING 2018-09-08T20:49:34.377+02:00 INFO [LookupTableService] Data Adapter otx-api-domain/5b9312c11dc063e5bcaf3c4d [@3c0ef3ce] RUNNING 2018-09-08T20:49:34.388+02:00 INFO [LookupTableService] Data Adapter whois/5b9312c21dc063e5bcaf3c4f [@6505113d] RUNNING 2018-09-08T20:49:34.388+02:00 INFO [LookupTableService] Data Adapter tor-exit-node/5b9312c11dc063e5bcaf3c4e [@59c59f53] RUNNING 2018-09-08T20:49:34.398+02:00 INFO [LookupTableService] Data Adapter otx-api-ip/5b9312c11dc063e5bcaf3c48 [@3621d683] RUNNING 2018-09-08T20:49:34.409+02:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5b9312c11dc063e5bcaf3c4a [@3db357ff] RUNNING 2018-09-08T20:49:34.409+02:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5b9312c11dc063e5bcaf3c49 [@638d69f] RUNNING 2018-09-08T20:49:34.440+02:00 INFO [LookupTableService] Cache otx-api-ip-cache/5b9312c11dc063e5bcaf3c43 [@1a528be3] STARTING 2018-09-08T20:49:34.451+02:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5b9312c11dc063e5bcaf3c46 [@51f6baa0] STARTING 2018-09-08T20:49:34.459+02:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@206e9ac8] STARTING 2018-09-08T20:49:34.468+02:00 INFO [LookupTableService] Cache whois-cache/5b9312c11dc063e5bcaf3c42 [@20fc99cb] STARTING 2018-09-08T20:49:34.482+02:00 INFO [LookupTableService] Cache otx-api-domain-cache/5b9312c11dc063e5bcaf3c45 [@71c735dc] STARTING 2018-09-08T20:49:34.483+02:00 INFO [LookupTableService] Cache otx-api-ip-cache/5b9312c11dc063e5bcaf3c43 [@1a528be3] RUNNING 2018-09-08T20:49:34.485+02:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5b9312c11dc063e5bcaf3c46 [@51f6baa0] RUNNING 2018-09-08T20:49:34.485+02:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@206e9ac8] RUNNING 2018-09-08T20:49:34.485+02:00 INFO [LookupTableService] Cache otx-api-domain-cache/5b9312c11dc063e5bcaf3c45 [@71c735dc] RUNNING 2018-09-08T20:49:34.497+02:00 INFO [LookupTableService] Cache whois-cache/5b9312c11dc063e5bcaf3c42 [@20fc99cb] RUNNING 2018-09-08T20:49:34.526+02:00 INFO [LookupTableService] Starting lookup table otx-api-domain/5b9312c21dc063e5bcaf3c50 [@6506c877] using cache otx-api-domain-cache/5b9312c11dc063e5bcaf3c45 [@71c735dc], data adapter otx-api-domain/5b9312c11dc063e5bcaf3c4d [@3c0ef3ce] 2018-09-08T20:49:34.527+02:00 INFO [LookupTableService] Starting lookup table spamhaus-drop/5b9312c21dc063e5bcaf3c52 [@73a5003a] using cache spamhaus-e-drop-cache/5b9312c11dc063e5bcaf3c46 [@51f6baa0], data adapter spamhaus-drop/5b9312c11dc063e5bcaf3c49 [@638d69f] 2018-09-08T20:49:34.527+02:00 INFO [LookupTableService] Starting lookup table abuse-ch-ransomware-domains/5b9312c21dc063e5bcaf3c53 [@5cfb79a4] using cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@206e9ac8], data adapter abuse-ch-ransomware-domains/5b9312c11dc063e5bcaf3c4a [@3db357ff] 2018-09-08T20:49:34.527+02:00 INFO [LookupTableService] Starting lookup table abuse-ch-ransomware-ip/5b9312c21dc063e5bcaf3c54 [@55b00317] using cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@206e9ac8], data adapter abuse-ch-ransomware-ip/5b9312c11dc063e5bcaf3c4c [@5a8c77fd] 2018-09-08T20:49:34.527+02:00 INFO [LookupTableService] Starting lookup table otx-api-ip/5b9312c21dc063e5bcaf3c55 [@6262ca6] using cache otx-api-ip-cache/5b9312c11dc063e5bcaf3c43 [@1a528be3], data adapter otx-api-ip/5b9312c11dc063e5bcaf3c48 [@3621d683] 2018-09-08T20:49:34.528+02:00 INFO [LookupTableService] Starting lookup table tor-exit-node-list/5b9312c21dc063e5bcaf3c56 [@5d595888] using cache threat-intel-uncached-adapters/5b9312c11dc063e5bcaf3c47 [@206e9ac8], data adapter tor-exit-node/5b9312c11dc063e5bcaf3c4e [@59c59f53] 2018-09-08T20:49:34.528+02:00 INFO [LookupTableService] Starting lookup table whois/5b9312c21dc063e5bcaf3c57 [@5a682cde] using cache whois-cache/5b9312c11dc063e5bcaf3c42 [@20fc99cb], data adapter whois/5b9312c21dc063e5bcaf3c4f [@6505113d] 2018-09-08T20:49:34.844+02:00 INFO [JerseyService] Enabling CORS for HTTP endpoint 2018-09-08T20:49:48.037+02:00 INFO [NetworkListener] Started listener bound to [127.0.0.1:9000] 2018-09-08T20:49:48.039+02:00 INFO [HttpServer] [HttpServer] Started. 2018-09-08T20:49:48.039+02:00 INFO [JerseyService] Started REST API at <http://127.0.0.1:9000/api/> 2018-09-08T20:49:50.512+02:00 INFO [NetworkListener] Started listener bound to [192.168.178.5:9000] 2018-09-08T20:49:50.512+02:00 INFO [HttpServer] [HttpServer-1] Started. 2018-09-08T20:49:50.513+02:00 INFO [JerseyService] Started Web Interface at <http://192.168.178.5:9000/> 2018-09-08T20:49:50.513+02:00 INFO [ServiceManagerListener] Services are healthy 2018-09-08T20:49:50.514+02:00 INFO [InputSetupService] Triggering launching persisted inputs, node transitioned from Uninitialized [LB:DEAD] to Running [LB:ALIVE] 2018-09-08T20:49:50.521+02:00 INFO [ServerBootstrap] Services started, startup times in ms: {BufferSynchronizerService [RUNNING]=25, OutputSetupService [RUNNING]=31, KafkaJournal [RUNNING]=35, ConfigurationEtagService [RUNNING]=171, StreamCacheService [RUNNING]=200, JournalReader [RUNNING]=204, InputSetupService [RUNNING]=212, PeriodicalsService [RUNNING]=307, LookupTableService [RUNNING]=510, JerseyService [RUNNING]=16498} 2018-09-08T20:49:50.529+02:00 INFO [ServerBootstrap] Graylog server up and running.

Have anybody a idea what i have made wrong?

thx
Frank

Your rest listen url is the loopback interface. Unless you run the browser on the server machine, you could try a real ethernet interface address.

Thank you for you answer, i havn’t a browser on my machine, I had only a command line. Or can i test it with “curl”?

So then change 127.0.0.1 to the real IP address, and restart Graylog.

Many thanks to you @jtkarvo it is running now!!!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.