Unable to access api-browser


(Matt) #1

Hi,

We currently have the following 2 issues:

  1. Nodes > ‘API browser’ button links to http://127.0.0.1:12900/api-browser. I can’t seem to change this link to either an External IP or hostname. Do I need to update at code level? (server.conf below)

  2. If I manually browse to http://externalip/api-browser I get to the login page but there is no login/submit button (logo, user and pwd fields only). Therefore I am unable to browse the API for this node.

Everything else functions as expected with no issues. I just can’t seem to access /api-browser. Any help appreciated.

Thanks, Matt

nginx.conf

server
{ 
  listen      80 default_server;
  
  location /api/
    {   
        proxy_set_header    Host $http_host; 
        proxy_set_header    X-Forwarded-Host $host;
        proxy_set_header    X-Forwarded-Server $host;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass          http://127.0.0.1:12900/;
    }
  location /
    {   
        proxy_set_header    Host $http_host; 
        proxy_set_header    X-Forwarded-Host $host;
        proxy_set_header    X-Forwarded-Server $host;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Graylog-Server-URL "http://${host}/api";
        proxy_pass          http://127.0.0.1:9000;
    }
    location /api-browser {
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
    rewrite ^/api/(.*) /$1 break;
    proxy_pass http://127.0.0.1:12900;
  }
}

server.conf

rest_listen_uri = http://127.0.0.1:12900/
rest_transport_uri = http://127.0.0.1:12900/
web_listen_uri = http://127.0.0.1:9000/


(Jochen) #2

The API browser button on the SystemNodes page will always use rest_transport_uri to build the URI.

The intention is to be able to use the API browser of a specific node and not of a random node which potentially is being returned by a load-balancer or reverse proxy.


(Matt) #3

Thanks jochen.

I have tried updating the rest_transport_uri to the external IP of the server (http://x.x.x.x:12900/) but within System > Nodes I get:

'System information is currently unavailable.;

Then when I click on the node I get redirected to an Error Getting Data Page which contains:

‘Error: cannot GET http://X.X.X.X/api/cluster/sdfsdfdsfdsfds/jvm (500)’

Within the server.log I can see the following:

‘2017-05-05T14:51:53.619Z WARN [ProxiedResource] Unable to call http://x.x.x.x:12900/system on node
java.net.SocketTimeoutException: connect timed out’

Is there perhaps a configuration change I need to make to nginx as well?

Current setup on the 1 instance is: mongodb, nginx, elasticsearch and graylog server.


(Jochen) #4

Each Graylog node has to be able to access the rest_transport_uri of each other Graylog node (and also of itself).


(Matt) #5

I’m presuming I have an issue with my nginx setup? See results from the local command line:

curl 127.0.0.1:12900

{“cluster_id”:“xxxxx”,“node_id”:“xxxxx”,“version”:“2.2.3+7adc951”,“tagline”:“Manage your logs in the dark and have lasers going and make it look like you’re from space!”}

curl 127.0.0.1:12900/api
Shows Graylog Web Interface html page.

curl 127.0.0.1/api-browser

Shows REST API browser html.

127.0.0.1/api-browser reveals the api browser page from commandline. I can get to the API Browser page in my web browser by going to http://externalip/api-browser which shows user and password fields but can’t login.

Anyone else come across this issue?


(Matt) #6

Update:

I have updated the rest listen uri from:

rest_listen_uri = http://127.0.0.1:12900/ to rest_listen_uri = http://0.0.0.0:12900/

Now if I browse directly to http://externalip:12900/api-browser I can see the api-browser page :slight_smile:

If I go back to http://externalip/system/nodes and hover over the API Browser button it still tries to take me to http://127.0.0.1:12900/api-browser. If I update rest_transport_uri to http://0.0.0.0:12900 I get the following in the log:

2017-05-10T16:00:46.473Z WARN [BaseConfiguration] “http://0.0.0.0:12900/” is not a valid setting for “rest_transport_uri”. Using default [http://10.10.10.10:12900/]. - it defaults to the internal IP of the server.

If I change rest_transport_uri to the external IP of the server I see the following in the log:

Unable to call http://externalip:12900/system on node

I’m close but not there just yet.


(Matt) #7

I think I have finally cracked it. For those that stumble across this thread.

rest_listen_uri = http://0.0.0.0:12900/
rest_transport_uri = http://externalip:12900/
web_listen_uri = http://127.0.0.1:9000/

As Jochen mentioned the GrayLog server in this case needs to access itself via Public IP in this case. As I am working with an EC2 I set an inbound rule on port 12900 from the servers own external source IP.

Now test locally from the servers commandline:

curl http://externalip:12900/

Finally - login to GrayLog > System > Nodes > API browser - working!


Accessing API button
(Matheus) #8

Finally! This works for me. Thanks