Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question. Don’t forget to select tags to help index your topic!
1. Describe your incident:
Everything is setup PER documents with the IP of the VM set as the HTTP bind but i still cannot connect to it. I can confirm via ubuntu’s services that graylog-server is indeed running.
2. Describe your environment:
OS Information:
Ubuntu 20.04
Package Version:
Latest
Service logs, configurations, and environment variables:
3. What steps have you already taken to try and solve the problem?
I’ve rebuilt the VM 3 times, no dice.
Changing ports and opening ports made no difference.
4. How can the community help?
Am i doing something wrong? Is anyone able to look over my setup to let me know if i missed something?
You can post your server config file for review. Make sure it is obfuscated and formatted with the </> tool.
There are some tips on commands for troubleshooting and on how to post information here. It’s hard to help troubleshoot without configurations or logs.
Unfortunately my VM is not accessible from my windows environment so i cannot get the config file. But the ONLY thing that I’ve changed is the HTTP bind to the Linux VM’s IP. and set a password secret and the sha256 of my password. other than that its completely stock.
Hard to diagnose why a car doesn’t run without actually looking at it … hmmm remember CarTalk with Click and Clack the Tappit Brothers?
Do you have IP tables enabled, if so are the configured correctly? If you can’t get to the VM to pull the config file, how are you getting to it to catch the Graylog GUI? Is the same separating mechanism causing the problem? Have you looked a the Graylog server logs?
I would go back through the config files and rather than assuming the defaults, I would explicitly put in relevant information. Graylog is not even seeing it’s elastic server…which wouldn’t stop login but it does mean your config is not correct in multiple ways.
What versions of the components did you install? Java/MongoDB/Elasticsearch? Is everything installed on the same server?
The logs do seem to indicate an issue with Elasticsearch, is it running?
FWIW, I’m assuming this is a test/eval box, but I can’t think of any reason that you would ever need to post your password_secret, or root_password_sha2. So I would suggest changing those at some point.
