Hey Eric,

Regarding point 3: what are your exact security concerns about exposing the 
REST API?

Kind regards,
        D.

--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078

TORCH GmbH - A Graylog company
Steckelhörn 11
20457 Hamburg
Germany

Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
Geschäftsführer: Lennart Koopmann (CEO)

> On 21.04.2016, at 09:03, [email protected] wrote:
> 
> Dear Graylog community support / users,
> 
> I have been using Graylog since 1.2 and it's working great.
> 
> I just discovered a change to a health check in Graylog's web interface that 
> might cause problems.
> It's known and normal that Graylog's web service checks the health of the 
> server node(s) via the API through TCP 12900.
> 
> However I noticed an issue in Graylog 2.
> When I am trying out Graylog 2 (Alpha and Beta), the web UI automatically 
> calls TCP 12900 (API port) on the client side using the public address.
> That is, in the browser's developer mode, I can see a URL call to 
> http://<graylog web service hostname>:12900/system/cluster/node. This causes 
> the following issues:
> 
> 1) With the default configuration, this check listens on the private IP of the 
> server. So when deploying Graylog to the internet, the check fails. 
> (Unless we access the website through a VPN IP or update rest_transport_uri in 
> /opt/graylog/conf/graylog.conf)
> 2) The health check should probably be done in the background on the server 
> (i.e. like Graylog 1.2, 1.3... the checking will not be exposed to the client 
> side / browser)
> 3) We need to expose TCP 12900 of the web service to the public; a security 
> concern arises as the API port would be facing the public internet as well
> 
> Thank you.
> Eric
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Graylog Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to [email protected].
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/graylog2/a43a9ea9-2b6b-4d6a-8b91-1304b84dd008%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
