Hey Martin,
we have now implemented a function to disable the proxy for requests going to
localhost. It is already merged and will be included in the next release of
Graylog.
Thanks for your support,
D.
> On 27.05.2016, at 12:19, Dennis Oelkers <[email protected]> wrote:
>
>> On 27.05.2016, at 10:18, Martin René Mortensen
>> <[email protected]> wrote:
>>
>>
>> On Friday, 27 May 2016 09:39:46 UTC+2, Dennis Oelkers wrote:
>> Do you have the http_proxy_uri configuration directive set in your config
>> file, by any chance?
>>
>> ah yes, I do, if it uses the http_proxy to access its internal interfaces,
>> that would cause these errors - I see.
>>
>> The response you are getting from the server for the
>> /cluster/metrics/multiple call implies that it cannot connect back to itself
>> (the response for the node id is null), although you can do the call that it
>> is doing from the host itself without problems. My guess would be that there
>> is a proxy involved somewhere, which (naturally) connects to a different
>> localhost.
>> How how do you make it not use the proxy for local connections? Do you have
>> a configuration parameter, or do we have to use Java options somewhere?
>
> We don’t have that. It makes sense though to prevent using the proxy for
> localhost/127.0.0.1/::1, but we haven’t implemented that. I cannot promise
> anything, but there is a good chance we have something like that in 2.0.3,
> until then you have to decide if you can switch of the proxy for the meantime.
>
> Kr,
> D.
>
>>
>>
>>> On 26.05.2016, at 19:17, Martin René Mortensen <[email protected]>
>>> wrote:
>>>
>>>
>>>
>>> On Thursday, 26 May 2016 17:20:44 UTC+2, Dennis Oelkers wrote:
>>> What happens when you do something like:
>>>
>>> curl -XPOST -u admin -v -H "Content-Type: application/json" -d '{"metrics":
>>> []}' http://localhost:12900/cluster/metrics/multiple
>>>
>>> looks good:
>>> * Trying 127.0.0.1...
>>> * Connected to localhost (127.0.0.1) port 12900 (#0)
>>> * Server auth using Basic with user 'admin'
>>>> POST /cluster/metrics/multiple HTTP/1.1
>>>> Authorization: Basic xxx=
>>>> User-Agent: curl/7.29.0
>>>> Host: localhost:12900
>>>> Accept: */*
>>>> Content-Type: application/json
>>>> Content-Length: 15
>>>>
>>> * upload completely sent off: 15 out of 15 bytes
>>> < HTTP/1.1 200 OK
>>> < X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
>>> < X-Runtime-Microseconds: 9568
>>> < Content-Type: application/json
>>> < Date: Thu, 26 May 2016 17:11:58 GMT
>>> < Content-Length: 45
>>> <
>>> * Connection #0 to host localhost left intact
>>> {"ac7773b1-403d-4d3d-acc7-98a779140854":null}
>>> I dont know if that answer is ok, but its what it says.
>>>
>>> and
>>>
>>> curl -XPOST -u admin -v -H "Content-Type: application/json" -H "Accept:
>>> application/json” -d '{"metrics": []}'
>>> http://localhost:12900/system/metrics/multiple
>>>
>>> Also suceeds, but output seems lacking:
>>> * About to connect() to localhost port 12900 (#0)
>>> * Trying ::1...
>>> * Connection refused
>>> * Trying 127.0.0.1...
>>> * Connected to localhost (127.0.0.1) port 12900 (#0)
>>> * Server auth using Basic with user 'admin'
>>>> POST /system/metrics/multiple HTTP/1.1
>>>> Authorization: Basic xxx=
>>>> User-Agent: curl/7.29.0
>>>> Host: localhost:12900
>>>> Content-Type: application/json
>>>> Accept: application/json
>>>> Content-Length: 15
>>>>
>>> * upload completely sent off: 15 out of 15 bytes
>>> < HTTP/1.1 200 OK
>>> < X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
>>> < X-Runtime-Microseconds: 9363
>>> < Content-Type: application/json
>>> < Date: Thu, 26 May 2016 17:15:14 GMT
>>> < Content-Length: 24
>>> <
>>> * Connection #0 to host localhost left intact
>>> {"total":0,"metrics":[]}
>>>
>>>
>>>
>>> from the server node itself? Does it work? What do you have in your server
>>> logs?
>>>
>>> Nothing in server logs
>>> Graylog server logs says the same old stuff:
>>> 2016-05-26T19:10:54.246+02:00 WARN [ProxiedResource] Unable to call
>>> http://localhost:12900/system/metrics/multiple on node
>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>> 2016-05-26T19:11:58.128+02:00 WARN [ProxiedResource] Unable to call
>>> http://localhost:12900/system/metrics/multiple on node
>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>
>>>> On 26.05.2016, at 16:30, Martin René Mortensen <[email protected]>
>>>> wrote:
>>>>
>>>> Well the POST requests worked with authorization, but said it didnt
>>>> understand me. I tried with another api request that seemed to work fine
>>>> when I authenticate properly.
>>>>
>>>> # curl -i -X GET http://localhost:12900/system/inputs -u admin
>>>> Enter host password for user 'admin':
>>>> HTTP/1.1 200 OK
>>>> X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
>>>> X-Runtime-Microseconds: 8838
>>>> Content-Type: application/json
>>>> Date: Thu, 26 May 2016 14:28:47 GMT
>>>> Content-Length: 937
>>>>
>>>> {"inputs":[{"title":"GELF TCP for security
>>>> logs","global":true,"name":"GELF
>>>> TCP","content_pack":null,"created_at":"2015-12-09T07:11:48.095Z","type":"org.graylog2.inputs.gelf.tcp.GELFTCPInput","creator_user_id":"admin","attributes":{"recv_buffer_size":1048576,"port":12201,"use_null_delimiter":true,"tls_key_password":"","tls_key_file":"","tls_client_auth_cert_file":"","max_message_size":2097152,"tls_client_auth":"disabled","override_source":"","bind_address":"0.0.0.0","tls_cert_file":""},"static_fields":{},"node":null,"id":"5667d434a78e92fb03f07aa5"},{"title":"GELF
>>>> UDP for security logs","global":true,"name":"GELF
>>>> UDP","content_pack":null,"created_at":"2015-12-09T07:11:34.949Z","type":"org.graylog2.inputs.gelf.udp.GELFUDPInput","creator_user_id":"admin","attributes":{"override_source":"","recv_buffer_size":262144,"bind_address":"0.0.0.0","port":12201},"static_fields":{},"node":null,"id":"5667d426a78e92fb03f07a94"}],"total":2}
>>>>
>>>>
>>>> What to configure?
>>>>
>>>> On Thursday, 26 May 2016 14:07:18 UTC+2, Dennis Oelkers wrote:
>>>>> On 26.05.2016, at 10:53, Martin René Mortensen <[email protected]>
>>>>> wrote:
>>>>> Exactly what its saying. but it doesnt make any sense.
>>>>> 2016-05-26T09:20:46.527+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>> 2016-05-26T09:20:48.520+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>> 2016-05-26T09:20:50.517+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>> 2016-05-26T09:20:52.496+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>> 2016-05-26T09:20:54.519+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>> 2016-05-26T09:20:56.716+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>> 2016-05-26T09:20:58.745+02:00 WARN [ProxiedResource] Unable to call
>>>>> http://localhost:12900/system/metrics/multiple on node
>>>>> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
>>>>>
>>>>> when I try, I get a 401 error. From the client the calls to graylog api
>>>>> needs to be authenticated, but do calls from internal graylog also have
>>>>> to be authenticated?
>>>>>
>>>>> curl -I -X POST http://localhost:12900/system/metrics/multiple
>>>>> HTTP/1.1 401 Unauthorized
>>>>> WWW-Authenticate: Basic realm="Graylog Server"
>>>>> X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
>>>>> X-Runtime-Microseconds: 3195
>>>>> Date: Thu, 26 May 2016 08:52:00 GMT
>>>>> Content-Length: 0
>>>>>
>>>>
>>>> Can you try doing the request using your user’s credentials?
>>>>
>>>> --
>>>> Tel.: +49 (0)40 609 452 077
>>>> Fax.: +49 (0)40 609 452 078
>>>>
>>>> TORCH GmbH - A Graylog company
>>>> Steckelhörn 11
>>>> 20457 Hamburg
>>>> Germany
>>>>
>>>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
>>>> Geschäftsführer: Lennart Koopmann (CEO)
>>>>
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google Groups
>>>> "Graylog Users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send an
>>>> email to [email protected].
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/graylog2/2b559d33-bdb2-49bc-a237-4d2f74df7f82%40googlegroups.com.
>>>>
>>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>> --
>>> Tel.: +49 (0)40 609 452 077
>>> Fax.: +49 (0)40 609 452 078
>>>
>>> TORCH GmbH - A Graylog company
>>> Steckelhörn 11
>>> 20457 Hamburg
>>> Germany
>>>
>>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
>>> Geschäftsführer: Lennart Koopmann (CEO)
>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "Graylog Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to [email protected].
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/graylog2/d2082366-1a2b-4a77-ba12-29b065129747%40googlegroups.com.
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>
>> --
>> Tel.: +49 (0)40 609 452 077
>> Fax.: +49 (0)40 609 452 078
>>
>> TORCH GmbH - A Graylog company
>> Steckelhörn 11
>> 20457 Hamburg
>> Germany
>>
>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
>> Geschäftsführer: Lennart Koopmann (CEO)
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Graylog Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/graylog2/12f1e314-7f10-414d-96a8-9e8f58eb684f%40googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>
> --
> Tel.: +49 (0)40 609 452 077
> Fax.: +49 (0)40 609 452 078
>
> TORCH GmbH - A Graylog company
> Poolstrasse 21
> 20355 Hamburg
> Germany
>
> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> Geschäftsführer: Lennart Koopmann (CEO)
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH - A Graylog company
Poolstrasse 21
20355 Hamburg
Germany
Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
Geschäftsführer: Lennart Koopmann (CEO)
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/96E28D25-5F90-44EA-8897-9D3019CC5F61%40graylog.com.
For more options, visit https://groups.google.com/d/optout.
