Problema para administrar desde dos servidores distintos//Problem to manage from two different servers


(Mariano) #1

hola, estoy tratando de poder administrar graylog desde dos servidores distintos, uno de internet y otro de intranet, pero no puedo lograrlo, alguna idea?

hello, I’m trying to manage graylog from two different servers, one internet and one intranet, but I can not achieve it, any ideas?


(Tess) #2

Hola Mariano,

Thank you for taking the time to make your question bilingual! These forums only have a few rules and one of them is that [english is the primary and only language](http://We have grown as an international community. Please respect the one and only forum rule: Use English as language.) on here. So it’s cool that you put in the effort!

Now, with regards to your question… Unfortunately it’s not much of a question :smiley: Based on what you explained we have no idea what your situation is, how the infrastructure is connected and most importantly which part isn’t working. So please, provide a lot more details.


(Mariano) #3

Hello, thank you very much for the prompt response and I apologize for writing in Spanish. Regarding the problem, is that I own a PC that has two network cards, which one is connected to the Internet and the other to the intranet each with its corresponding IP, and does not allow me to enter the interface from the two Distinguished IPs.
If I lack data I apologize, I’m new to this type of forums.


(Jan Doberstein) #4

Did you need to have Graylog to be available on both interfaces?

How did you installed Graylog? What is your configuration (server.conf) and did you have some proxy running in front of Graylog? What Version of Graylog did you run?

If the above is not your question, please clarify.


(Mariano) #5

Yes, I have it installed.
The device has two network interfaces (192.168.0.10, 192.168.1.10)
I can only enter 192.168.0.10, from the computers that are in the 192.168.0.0/24
The teams are in the 192.168.1.0/24 can not enter.
I installed the product on 192.168.0.10
I tried to modify several options in the server.conf as the web_listen but I could not make it work.
With respect to the proxy there is no proxy, and the graylog version is Graylog 2.4.3 + 2c4.

I hope I have clarified the panorama and answered the questions, Thank you very much.


(Jan Doberstein) #6

personally I would bind Graylog to localhost (web_listen_uri = http://127.0.0.1:9000/) and use NGINX as proxy that is then listening on all interfaces with a configuration like:

server
{
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    location / {
      proxy_set_header Host $http_host;
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Server $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Graylog-Server-URL http://$http_host/api;
      proxy_pass       http://127.0.0.1:9000;
    }
}

but that is just my personal way - maybe someone else has better ideas.


(Tess) #7

Well, the dirty way would be to simply let Graylog listen on both interfaces, or on 0.0.0.0, right? Is that even an option?


(Mariano) #8

Thank you very much for your answers, we are analyzing the solution with my bosses, I will be in contact to tell you how it was resolved.