Graylog Okta integration

Hi folks, I am trying to integrate okta authentication in Graylog but here’s some unidentified error, see attached screen. I have free version of graylog, no license is inserted, this should be the issue?


Here’s my env :
OS : Centos7
Graylog 4.3.1

Have you got any suggestion?

Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]

Hard to diagnose just from that error message.
Is there anything in the logs?
Does the Okta configuration test connection work? How is it configured?

I will check logs and get back to you,

Test connection is okay, We have configured via OAuth Client ID and okta base url.

So the fact that I have got no license is not related to that case?

I checked logs and here’s result

There’s no audit logs because of license and therefore nothing appears about okta authentication.

That is strange - if you have no valid license, you shouldn’t be able to configure Okta for authentication either. Did this just start failing recently?
What do you see on the system/licenses UI?

No, I have configured couple of days ago and problem was momentary.

Hello @shotarry

Is it possible to see the stack trace of Graylog logs?

Hello @gsmith , could you tell me how to see strack trace of graylog logs? should I enable smth? or where should i see it?

somebody? anybody?

Please help.

Hello @shotarry

Example: To see the full logs as this issue is happing, I would use something like this.

root# tail -f /var/log/graylog-server/server.log

Then show my logs like this in this type of format :+1:

2022-08-31T16:51:43.066-05:00 INFO  [ServerBootstrap] Graylog server up and running.
2022-08-31T16:51:43.066-05:00 ERROR [AuditLogger] Unable to write audit log entry because there is no valid license.
2022-08-31T16:51:43.128-05:00 INFO  [connection] Opened connection [connectionId{localValue:11, serverValue:62}] to localhost:27017
2022-08-31T16:51:43.138-05:00 INFO  [connection] Opened connection [connectionId{localValue:12, serverValue:63}] to localhost:27017
2022-08-31T16:51:43.149-05:00 INFO  [connection] Opened connection [connectionId{localValue:13, serverValue:64}] to localhost:27017
2022-08-31T16:51:43.168-05:00 INFO  [connection] Opened connection [connectionId{localValue:14, serverValue:65}] to localhost:27017
2022-08-31T16:51:43.206-05:00 INFO  [InputLauncher] Launching input [GELF TCP/Windows System Secure/5a62903bffe8b1e04bd2fe89] - desired state is RUNNING
2022-08-31T16:51:43.226-05:00 INFO  [InputLauncher] Launching input [Raw/Plaintext UDP/Security Devices/5a6965ef83d72e84ac7ca99b] - desired state is RUNNING
2022-08-31T16:51:43.228-05:00 INFO  [InputLauncher] Launching input [GELF TCP/Linux Secure System/5e265ada83d72ec570ab5fe2] - desired state is RUNNING
2022-08-31T16:51:43.232-05:00 INFO  [AbstractTcpTransport] Enabled TLS for input [GELF TCP/5a62903bffe8b1e04bd2fe89]. key-file="/etc/graylog/graylog3-key.pem" cert-file="/etc/graylog/graylog3-certificate.pem"
2022-08-31T16:51:43.233-05:00 INFO  [InputLauncher] Launching input [Raw/Plaintext UDP/Network Devices (Force 10)/5e9f732383d72e05f668a26d] - desired state is RUNNING
2022-08-31T16:51:43.234-05:00 INFO  [AbstractTcpTransport] Enabled TLS for input [GELF TCP/5e265ada83d72ec570ab5fe2]. key-file="/etc/graylog/graylog3-key.pem" cert-file="/etc/graylog/graylog3-certificate.pem"
2022-08-31T16:51:43.236-05:00 INFO  [InputLauncher] Launching input [NetFlow UDP/NetFlow/61930ee96cfcf9713fe14bf2] - desired state is RUNNING
2022-08-31T16:51:43.240-05:00 INFO  [InputStateListener] Input [GELF TCP/5a62903bffe8b1e04bd2fe89] is now STARTING
2022-08-31T16:51:43.240-05:00 INFO  [InputLauncher] Launching input [Beats/ Beats/619318e9d1f2fd03dc7b4b4c] - desired state is RUNNING
2022-08-31T16:51:43.243-05:00 INFO  [InputStateListener] Input [Raw/Plaintext UDP/5a6965ef83d72e84ac7ca99b] is now STARTING
2022-08-31T16:51:43.249-05:00 INFO  [InputStateListener] Input [GELF TCP/5e265ada83d72ec570ab5fe2] is now STARTING

Its hard to help not seeing what’s going on, so more information you give us might be able to help diagnose the issue. If you unsure please look at this post

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.