Graylog UI fails to come up with https


(Travis Biggs) #1

I recently upgraded Graylog from 2.0 to 2.2. It worked fine before the upgrade. Now when I go to the https URL I see

We are experiencing problems connecting to the Graylog server running on http://logs.domain.com/api. Please verify that the server is healthy and working correctly.

The http url works as expected. I’m running Graylog behind an AWS load balancer. The load balancer takes care of the https handshake so this seems really odd. If I login to the machine and do a wget on http://logs.domain.com/api I get

{“cluster_id”:“f637007f-8536-4d35-ae7c-b7f6f0f21604”,“node_id”:“9fcdd0a2-8abf-4a46-8821-a88d1f351386”,“version”:“2.2.3+7adc951”,“tagline”:“Manage your logs in the dark and have lasers going and make it look like you’re from space!”}

It seems like everything is configured correctly. The http URL works. I just don’t understand why the https returns that error, especially since the AWS load balancer is handling the https part. Any ideas?


(Travis Biggs) #2

I forgot to mention that I see nothing significant in /var/log/graylog-server/server.log.


(Jochen) #3

How did you upgrade Graylog?
How did you configure Graylog?
Which commands did you execute and what was their output?
Is there anything in the logs of Graylog or Elasticsearch at all?
:arrow_right: http://docs.graylog.org/en/2.2/pages/configuration/file_location.html


(Travis Biggs) #4

How did you upgrade Graylog?

I upgraded Graylog with
sudo rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.2-repository_latest.rpm

How did you configure Graylog?

plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = internalurl Apparently new users can only put 2 links in a post? How very strange and unhelpful.
rest_enable_cors = true
rest_enable_gzip = true
rest_enable_tls = false
web_enable = true
web_listen_uri = http://10.10.10.29:9000/
web_endpoint_uri = externaldomain Apparently new users can only put 2 links in a post? How very strange and unhelpful.
web_enable_cors = true
web_enable_gzip = true
web_enable_tls = false

I don’t assume there could be a problem in the config. I didn’t change anything in here before I upgraded from 2.0 to 2.2, the http url works, and the AWS load balancer is taking care of the https handshake.

Which commands did you execute and what was their output?

I’m trying to go to the web console. It works with http but gives the error I listed above with https.

Is there anything in the logs of Graylog or Elasticsearch at all?

Nope, it’s a little annoying. I even tried setting

<Logger name="org.graylog2" level="debug"/>
<Root level="debug">

Even though the UI shows an error I see no errors in the logs for Graylog or Elasticsearch. I wouldn’t expect anything in the Elasticsearch log but I’m surprised at the lack in the Graylog logs.


(Travis Biggs) #5

The exact error I see is

Error message
Bad request
Original Request
GET http://externalurl/api/system/sessions
Status code
undefined
Full error message
Error: Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.

If anyone knows how I can increase the logging level, please let me know. If I do a wget on that sessions url I see
{"session_id":null,"username":null,"is_valid":false}
Since wget doesn’t have a valid session I suppose that’s correct?


(Jochen) #6

You can use proper formatting for your text snippets to get around that (actually very useful) limitation:

```
TEXT
```

Also please don’t obfuscate your URLs in the configuration file. This is utterly unhelpful.


(system) #7

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.