Unable to access api-browser

linuxmatt · May 5, 2017, 11:43am

Hi,

We currently have the following 2 issues:

Nodes > ‘API browser’ button links to http://127.0.0.1:12900/api-browser. I can’t seem to change this link to either an External IP or hostname. Do I need to update at code level? (server.conf below)
If I manually browse to http://externalip/api-browser I get to the login page but there is no login/submit button (logo, user and pwd fields only). Therefore I am unable to browse the API for this node.

Everything else functions as expected with no issues. I just can’t seem to access /api-browser. Any help appreciated.

Thanks, Matt

nginx.conf

server
{ 
  listen      80 default_server;
  
  location /api/
    {   
        proxy_set_header    Host $http_host; 
        proxy_set_header    X-Forwarded-Host $host;
        proxy_set_header    X-Forwarded-Server $host;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass          http://127.0.0.1:12900/;
    }
  location /
    {   
        proxy_set_header    Host $http_host; 
        proxy_set_header    X-Forwarded-Host $host;
        proxy_set_header    X-Forwarded-Server $host;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    X-Graylog-Server-URL "http://${host}/api";
        proxy_pass          http://127.0.0.1:9000;
    }
    location /api-browser {
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
    rewrite ^/api/(.*) /$1 break;
    proxy_pass http://127.0.0.1:12900;
  }
}

server.conf

rest_listen_uri = http://127.0.0.1:12900/
rest_transport_uri = http://127.0.0.1:12900/
web_listen_uri = http://127.0.0.1:9000/

jochen · May 5, 2017, 2:21pm

The API browser button on the System → Nodes page will always use rest_transport_uri to build the URI.

The intention is to be able to use the API browser of a specific node and not of a random node which potentially is being returned by a load-balancer or reverse proxy.

linuxmatt · May 5, 2017, 2:54pm

Thanks jochen.

I have tried updating the rest_transport_uri to the external IP of the server (http://x.x.x.x:12900/) but within System > Nodes I get:

'System information is currently unavailable.;

Then when I click on the node I get redirected to an Error Getting Data Page which contains:

‘Error: cannot GET http://X.X.X.X/api/cluster/sdfsdfdsfdsfds/jvm (500)’

Within the server.log I can see the following:

‘2017-05-05T14:51:53.619Z WARN [ProxiedResource] Unable to call http://x.x.x.x:12900/system on node
java.net.SocketTimeoutException: connect timed out’

Is there perhaps a configuration change I need to make to nginx as well?

Current setup on the 1 instance is: mongodb, nginx, elasticsearch and graylog server.

jochen · May 8, 2017, 10:19am

Each Graylog node has to be able to access the rest_transport_uri of each other Graylog node (and also of itself).

linuxmatt · May 10, 2017, 3:35pm

I’m presuming I have an issue with my nginx setup? See results from the local command line:

curl 127.0.0.1:12900

{“cluster_id”:“xxxxx”,“node_id”:“xxxxx”,“version”:“2.2.3+7adc951”,“tagline”:“Manage your logs in the dark and have lasers going and make it look like you’re from space!”}

curl 127.0.0.1:12900/api
Shows Graylog Web Interface html page.

curl 127.0.0.1/api-browser

Shows REST API browser html.

127.0.0.1/api-browser reveals the api browser page from commandline. I can get to the API Browser page in my web browser by going to http://externalip/api-browser which shows user and password fields but can’t login.

Anyone else come across this issue?

linuxmatt · May 10, 2017, 4:14pm

Update:

I have updated the rest listen uri from:

rest_listen_uri = http://127.0.0.1:12900/ to rest_listen_uri = http://0.0.0.0:12900/

Now if I browse directly to http://externalip:12900/api-browser I can see the api-browser page

If I go back to http://externalip/system/nodes and hover over the API Browser button it still tries to take me to http://127.0.0.1:12900/api-browser. If I update rest_transport_uri to http://0.0.0.0:12900 I get the following in the log:

2017-05-10T16:00:46.473Z WARN [BaseConfiguration] “http://0.0.0.0:12900/” is not a valid setting for “rest_transport_uri”. Using default [http://10.10.10.10:12900/]. - it defaults to the internal IP of the server.

If I change rest_transport_uri to the external IP of the server I see the following in the log:

Unable to call http://externalip:12900/system on node

I’m close but not there just yet.

linuxmatt · May 10, 2017, 5:09pm

I think I have finally cracked it. For those that stumble across this thread.

rest_listen_uri = http://0.0.0.0:12900/
rest_transport_uri = http://externalip:12900/
web_listen_uri = http://127.0.0.1:9000/

As Jochen mentioned the GrayLog server in this case needs to access itself via Public IP in this case. As I am working with an EC2 I set an inbound rule on port 12900 from the servers own external source IP.

Now test locally from the servers commandline:

curl http://externalip:12900/

Finally - login to GrayLog > System > Nodes > API browser - working!

baldasso · February 15, 2018, 5:04pm

Finally! This works for me. Thanks

Topic		Replies	Views
Unable to browse "API browser" from /system/nodes Graylog Central (peer support)	14	2069	March 6, 2019
REST API browser (graylog 3.1) not accessible behind nginx reverse proxy Graylog Central (peer support)	13	5048	December 30, 2019
Accessing API button Graylog Central (peer support)	4	930	February 2, 2018
Cluster Global API Browser and API Browser seems not right Graylog Central (peer support)	7	1750	December 2, 2019
Graylog API Browser points to local IP instead of configured external URL Graylog Central (peer support)	4	3153	October 2, 2020

Unable to access api-browser

Related topics