Permissions error when creating Syslog UDP input

I get an error when I try to create a Syslog UDP input. I can’t find any other program that is using the port. I’ve created a Plaintext UDP input on another port and it works fine. Here’s what I see in the server.log:

at java.util.concurrent.ThreadPoolExecutor$ Source) [?:?]
at Source) [?:?]
Caused by: org.graylog2.plugin.inputs.MisfireException:$NativeIoException: bind(…) failed: Permission denied
at org.graylog2.inputs.transports.UdpTransport.launch( ~[graylog.jar:?]
at org.graylog2.plugin.inputs.MessageInput.launch( ~[graylog.jar:?]
… 7 more
Caused by:$NativeIoException: bind(…) failed: Permission denied
2023-04-20T12:33:57.980-04:00 WARN [UdpTransport] Failed to start channel for input SyslogUDPInput{title=Syslog UDP, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null}$NativeIoException: bind(…) failed: Permission denied
2023-04-20T12:33:57.987-04:00 INFO [InputStateListener] Input [Syslog UDP/64416975303ad23fc281993c] is now FAILED

Hey @kurtehland,

Specifically what port? Try using the below to see if the port is in use elsewhere but alter 9000 to said port.

sudo ss -nap |grep 9000

sudo lsof -i | grep 9000

Port 514. I tried your command but didn’t get any results.

Ports below 1024 are protected, thus the permission denied error. There are ways around this depending on your linux flavour, but i just stick to ports above 1024 like 1514. If you cannot change the port on the source side, you could also use a firewall rule in the OS to redirect 514 to 1514 etc.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.