Graylog Web interface cannot be open


(peter) #1

Hi, Good day!

I would ask to ask for a help regarding this graylog. I setup manually the grayloy and all the stuffs but then when i try to access it open the network it cannot be open.

I have followed the instruction on how to setup web interface bu then it cannot be open.

Thanks
Peter legista


(Justas) #2

make sure

  1. in /var/log/graylog/server.log that the webserver goes up
  2. That all graylog server goes up
  3. Check the IP you have assigned to it, also you can see in logs which addresses are getting assigned.
  4. Are you accessing locally from the machine and from other machine? Might be listening only on 127.0.0.1 (by default).

(peter) #3

in /var/log/graylog/server.log that the webserver goes up - no server.log found on that directory
That all graylog server goes up - not sure- Please help me with this, i am new in graylog.
Check the IP you have assigned to it, also you can see in logs which addresses are getting assigned.
Are you accessing locally from the machine and from other machine? Might be listening only on 127.0.0.1 (by default).


(peter) #4
  1. in /var/log/graylog/server.log that the webserver goes up - no server.log in that location
  2. That all graylog server goes up- i do not know how to check, please help me
  3. Check the IP you have assigned to it, also you can see in logs which addresses are getting assigned. - is this in server.conf? please help
  4. Are you accessing locally from the machine and from other machine? Might be listening only on 127.0.0.1 (by default). i trying to access it in the network

(Jochen) #5

How exactly did you install and configure Graylog?


(peter) #6

I follow this link http://docs.graylog.org/en/2.3/pages/installation/os/ubuntu.html


(peter) #7

after i followed it, Graylog cannot be open in browser


(peter) #8

Below was the exact thing i does:
Prerequisites
Taking a minimal server setup as base will need this additional packages:
sudo apt-get update && sudo apt-get upgrade_ _ sudo apt-get install apt-transport-https openjdk-8-jre-headless uuid-runtime pwgen

MongoDB
The Version included in Ubuntu 16.04 LTS can be used together with Graylog 2.3.x and higher:
$ sudo apt-get install mongodb-server

Elasticsearch
Graylog 2.3.x can be used with Elasticsearch 5.x, please follow the installation instructions from the z(Elasticsearch installation guide: - > I did not look at this Elasticsearch guide)
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -_ _ echo “deb https://artifacts.elastic.co/packages/5.x/apt stable main” | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list
$ sudo apt-get update && sudo apt-get install elasticsearch

Make sure to modify the Elasticsearch configuration file (/etc/elasticsearch/elasticsearch.yml) and set the cluster name to graylog additionally you need to uncomment (remove the # as first character) the line:
cluster.name: graylog

After you have modified the configuration, you can start Elasticsearch:
sudo systemctl daemon-reload_ _ sudo systemctl enable elasticsearch.service
$ sudo systemctl restart elasticsearch.service

Graylog
Now install the Graylog repository configuration and Graylog itself with the following commands:
wget https://packages.graylog2.org/repo/packages/graylog-2.3-repository_latest.deb_ _ sudo dpkg -i graylog-2.3-repository_latest.deb
$ sudo apt-get update && sudo apt-get install graylog-server

Follow the instructions in your /etc/graylog/server/server.conf and add password_secret and root_password_sha2. These settings are mandatory and without them, Graylog will not start!

You need to use the following command to create your root_password_sha2:
echo -n yourpassword | sha256sum

To be able to connect to Graylog you should set (rest_listen_uri -> done this) and (web_listen_uri -> done this) to the public host name or a public IP address of the machine you can connect to. More information about these settings can be found in Configuring the web interface.

The last step is to enable Graylog during the operating system’s startup:

sudo systemctl daemon-reload_ _ sudo systemctl enable graylog-server.service
$ sudo systemctl start graylog-server.service

Now, after all of this line, i still cannot open the graylog in browser

Please some one help me out with this, Thanks in advance!


(Jochen) #9

What’s the specific configuration of your Graylog node?
What’s in the logs of your Graylog node?

See http://docs.graylog.org/en/2.3/pages/configuration/file_location.html#deb-package for the file locations.


(peter) #10

I do not know the Specific Configuration that you are talking, i just want to use it to collect logs from Windows server and follow the instruction and does the thing above. Please help me on this. Thanks and advance Sir.


(Justas) #11
  1. You will need to be more proactive than waiting for help to work this out :slight_smile:
  2. Which Linux version do you use? Is there a firewall? Can you ping the machine at all?
  3. Run a command on graylog server in a terminal “netstat -l” and check whether there is a service listening on your set IP address whether on port 80 if HTTP or 443 if HTTPS.
  4. What are the values in your server.conf for:
    a. web_listen_uri
  5. You need to find graylog log file, run command: sudo find / -name server.log
  6. If really there is no file as such, check journals: sudo journalctl --unit graylog

(system) #12

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.