Hello, We are on version 2.4.0. We are using the graylog virtual appliance. Our firewall is showing that our graylog server is making frequent connection requests to a range of public ip-addresses as listed below.
Upon doing an initial check it shows these are either ISP’s or data center providers; so the traffic is legit. Is this normal behavior of Graylog? Is there any way to disable this communication from the graylog web UI itself or command line ?
I am sure this is happening for everybody but might have gone unnoticed. .