Hi Ovidiu, a) why is it not respecting this setting though: web_listen_uri = > http://edgar.ict-consult.co.za/ > I tried: http://edgar.ict-consult.co.za/ - doesn't work and > http://edgar.ict-consult.co.za:9000/ seems to work. >
Graylog expects this setting (and rest_listen_uri and rest_transport_uri, too) to be a fully qualified URL, otherwise it's using 12900 as default port. If you really want to use unencrypted (!) HTTP for your web interface, you can use the following configuration setting: web_listen_uri = http://edgar.ict-consult.co.za:80/ Also keep in mind, that only privileged system users (i. e. root) is allowed to bind to ports <1024, so you'll need to use something like authbind to allow Graylog to bind directly to port 80/tcp. > b) if I set it up like this does that pose a security risk? > >> rest_listen_uri = http://edgar.ict-consult.co.za:12900/ > > rest_transport_uri = http://edgar.ict-consult.co.za:12900/ > > That depends on whether that URL is publicly accessible via an untrusted network (i. e. the Internet) or not. While the Graylog REST API a requires valid user account for almost everything you can do with it, it seems to be unencrypted the way you've configured Graylog. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/f458462d-28d0-4260-91ea-46f76f8f156c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
