Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question.
Don’t forget to select tags to help index your topic!
1. Describe your incident:
I’ve installed Graylog Open with Data Node for Red Hat Installation: Single Graylog Node (RHEL 9.5)
After the installation has been successfully completed, I am in the Graylog intial setup which is the preflight login to access the Graylog web interface.
In step 1 : Under Configure Certificate Authority i.e. “Create new CA” it asks you to put Organization Name and I did that .
In step 2 : Under “Configure a renewal policy”, it asks for the renewal policy and certificate lifetime. I’ve set the renewal policy to automatic and certificate lifetime to 2 years and proceeded to click on “Create Policy”. It immediately gives a message “Renewal Policy Successfully Completed”
In step 3 : Under Provision certificates, it doesn’t give me the option to “Provision and Continue” and it shows a message “At least one Graylog data node needs to run before the certificate can be provisioned.” Instead it gives me the option to “Skip Provisioning”
In Step 4 : Once I clicked on “Skip Provisioning”, the next step shows up under " Configuration finished" which says “Resume Startup” . When I click on it gives me the following message
“Are you sure you want to resume startup without a running Graylog data node? This will cause the configuration to fall back to using an Opensearch instance on localhost:9200”
My question is that I haven’t installed Opensearch since I’ll use Data Node. I’m not sure why it’s redirecting me to Opensearch port 9200.
2. Describe your environment:
-
OS Information: Red Hat Enterprise Linux release 9.5 (Plow)
-
Package Version:
MongoDB-org 7.0
Graylog-6.1
3. What steps have you already taken to try and solve the problem?
I’ve checked if all my services are running such as datanode, mongodb and graylog. They are all active and running. Also, I’ve checked all the ports if they are open and added permanently to the firewall and they are listed below -
Graylog: 9000;
MongoDB:27017
Data Node : 9300 (Even though I never had to add this port in my mongod.conf , datanode.conf or server.conf)
4. How can the community help?
I would really appreciate if someone from this awesome community can point me in the right direction how to Provision the certificate from graylog that is Creating New CA instead of skipping the provision. That option for "Create New CA’ is not coming for me at all. Let’s say if i skip the previsioning and continue to the next step then why is it showing me the below message
“Are you sure you want to resume startup without a running Graylog data node? This will cause the configuration to fall back to using an Opensearch instance on localhost:9200”
And what happens if I agree to this message? I am concerned since I do not have any port 9200 added to my firewall for OpenSearch.
My final goal is that I wanted to get into the web interface and add my devices to get the logs.
If you need more details about my setup, please feel free to ask! Thanks in advance everyone for all the help!
Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]