I have a problem with DNS resolution on Graylog 2.2
It’s running on CentOS 7, I’m only using one server at the moment so my Database and Elasticsearch is all on one virtual machine.
In my Source section it shows only the IP address not the fully qualified domain name.
What I have tried to do was the following;
I configured my Input with Force rDNS using port 5145, Global
Downloaded DNS Resolver Plugin for Graylog
Placed the file in the /plugin directory
Restart graylog service
Root # systemctl restart graylog-server
Added the following line to graylog configuration file
dns_resolver_enabled – Set to true
dns_resolver_run_before_extractors – Set to true
dns_resolver_timeout – set to 2s
Restarted graylog services
Root # systemctl restart graylog
Reboot virtual machine
Check my resolv.conf file for the correct DNS address, completed no problems.
The work around was configuring my /hosts file as follow;
xxx.xxx.xxx.xxx < fully qualified domain name>
Saved and restart network.
I have over 1000+ nodes and really don’t want to add everyone to my host file, is there something I’m missing? If so I would really appreciated any help.
Thanks in advance