I'm configuring a switch that does not have the option to set other port for the destination log server, it only sends to port 514.
I have tried authbind but it does not work with port 514 I have tried setcap 'cap_net_bind_service=+ep' /usr/bin/java but it does not work Then finally using IPTABLES worked: *iptables -A PREROUTING -t nat -i eth0 -p udp --dport 514 -j REDIRECT --to-port 10515* Thanks for you help Em quarta-feira, 12 de fevereiro de 2014 17h14min51s UTC-2, lennart escreveu: > > You need to be root to bind sockets on ports <=1024 on most *NIX > systems. Either run graylog2-server as root (not recommended) or use a > port higher than 1024. You could also try to give the local user than > runs graylog2-server permission to bind to those restricted ports, but > usually just choosing a higher port is the easiest solution. > > On Wed, Feb 12, 2014 at 7:19 PM, André Coelho <[email protected]<javascript:>> > wrote: > > Hi All > > I have this version of graylog installed on ubuntu 12.04: > > Graylog2-server (Current: 0.20-rc.1-1) > > Graylog2-web (Current: 0.20-rc.2) > > Graylog2-radio Current: 0.20-rc.2) > > > > When I try to add a global Syslog Input to listen on port 514 TCP or UDP > > (bind address: 0.0.0.0) the server gives this error: > > Input 52fbb0d5e4b0a4cfa9f30f88 has failed to start on node > > f728fbee-73f5-4a3a-a0f1-c10511eed089 for this reason: "Could not bind > UDP > > syslog input to address /0.0.0.0:514, Failed to bind to: /0.0.0.0:514, > > Permission denied". This means that you are unable to receive any > messages > > from this input. This is mostly an indication for a misconfiguration or > an > > error. You can click here to solve this > > And the log looks like this: > > 2014-02-12 16:16:39,732 ERROR: org.graylog2.inputs.InputRegistry - The > > [org.graylog2.inputs.syslog.udp.SyslogUDPInput] input with ID > > <52fbba87e4b0f89aaac73a29> misfired. Reason: Could not bind UDP syslog > input > > to address /0.0.0.0:514, Failed to bind to: /0.0.0.0:514, Permission > denied > > > > > > This looks like the user that graylog runs does not have permission to > bind > > port 514. > > > > Someone knows how to fix this? > > > > Thanks > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "graylog2" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
