Hi Tom, there are several communication channels in a Graylog setup. The server needs to talk to Elasticsearch and MongoDB, the web interface needs to talk to the server api, your browser needs to talk to the web interface... Therefore the IP settings are not super flexible. I would not try to map all services to a public IP. In the end you only need the web interface and maybe an input on the public IP. All other communication should go over the internal IP. So I would simply expose the web interface on the public IP and stay with the automatic configuration that comes out of graylog-ctl reconfigure. The API browser is a little bit special in this regard, you need direct access to the server IP to make really work. E.g. via VPN.
Cheers, Marius On 3 March 2016 at 07:10, Tom McQuarrie <[email protected]> wrote: > I have a new graylog installation deployed via the AWS AMI. Trying to work > out from the documentation how to correctly set it to use the instance's > public IP address but can't find anything in the documentation. It seems > that graylog is supposed to automatically configure itself via graylog-ctl > reconfigure. Whenever I do that, it's using the instance's local network IP > rather than the public ip. The documentation says you can set a static IP, > but being an AWS instance that's not something I want to do. > > I see in > > /etc/graylog/graylog-settings.json that we have: > > > "local_connect": false, > > "current_address": "172.30.0.XXX", > > "last_address": "172.30.0.XXX", > > > Which matches the eth0 ip address: > > > eth0 Link encap:Ethernet HWaddr XXXXX > > inet addr:172.30.0.XXX Bcast:172.30.0.255 Mask:255.255.255.0 > > inet6 addr: XXXXX Scope:Link > > UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1 > > RX packets:2000460 errors:0 dropped:0 overruns:0 frame:0 > > TX packets:1323056 errors:0 dropped:0 overruns:0 carrier:0 > > collisions:0 txqueuelen:1000 > > RX bytes:806247501 (806.2 MB) TX bytes:746184355 (746.1 MB) > > > But unfortunately local IP is not accessible from the web, so for example > in the web interface if I try to visit the API browser it tries to take me > to http://172.30.0.XXX:12900/api-browser which does not work. If I try to > use the domain name I've assigned to this instance, > http://mydomainname.com:12900 it works, but none of the api browser > commands work due to CORS limitations. > > > Is it possible for me to set current_address in graylog-settings.json to > my public mydomainname.com address? Or is there some other way to force > the server to use my public ip address? > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/5d00ef29-050e-4d62-a579-5eadf985c926%40googlegroups.com > <https://groups.google.com/d/msgid/graylog2/5d00ef29-050e-4d62-a579-5eadf985c926%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Developer Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog Company Steckelhörn 11 20457 Hamburg Germany https://www.graylog.com <https://www.torch.sh/> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAMqbBbJ9jA%3D_yYF2_6i9eMUWPOncPqXr4%3DNrcm%2BcUTC5KkJM2Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
