incident:
The graylog deployed in the k8s environment can directly access the API document without logging in: ip:32021/api/api-docs, resulting in a security vulnerability, please ask how to restrict its access
While the API Doc page is accessible, none of the endpoints are accessible without authentication.
If you absolutely must restrict this you’ll need to use a proxy or load balancer to do either URL filtering, additional authentication, or source filtering.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.