Yes it's required to connect to TCP 12900. That's also where the sidecar and collectors connect.
I think the reasoning was that you ought to have the ability to open the firewall to the server since you're already using a bunch of ports to send it the log data it needs. The web interface isn't separate any more, so one more port for the REST interface wasn't supposed to be a problem. But proxy firewalls and remote access may turn out to be a larger issue than the developers expected. I'm currently having problems getting my URIs correct in Docker on a bunch of hosts that don't tell me the container's IP until after the container is created. On Wednesday, April 13, 2016 at 8:14:16 PM UTC-4, Jason Haar wrote: > > Hi there > > Under graylog-1.3.4 I had published graylog-web behind a WAF - which > nicely mapped https://graylog.internet.domain to > http://graylog.intranet.domain (notice the different domain names too) > > With v2.0 I can't get this to work. Now it appears graylog returns content > with hardwired URLs that are defined by rest_listen_uri? That means we end > up with browser errors as they are talking to the WAF over HTTPS and the > content contains HTTP links - to port 12900. Bad. > > Am I correct that graylog-v2 requires browsers to talk to non-web ports > (ie 12900)? That's quite a change. The comments say "Must be reachable by > other Graylog server nodes if you run a cluster" - no mention of this being > required by web browsers. > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/8c3040cb-61f0-4519-a5d2-e9bf55178d15%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
