Thank you, but you might want to revise that.
localhost isnt enough, you need to be able to specify normal proxy
exclusions, like .domain. If you have multiple graylog servers they should
not use proxy to communicate.
Brgds. Martin
On Monday, 30 May 2016 14:30:02 UTC+2, Dennis Oelkers wrote:
>
> Hey Martin,
>
> we have now implemented a function to disable the proxy for requests going
> to localhost. It is already merged and will be included in the next release
> of Graylog.
>
> Thanks for your support,
> D.
>
> > On 27.05.2016, at 12:19, Dennis Oelkers <den...@graylog.com
> <javascript:>> wrote:
> >
> >> On 27.05.2016, at 10:18, Martin René Mortensen <martin.ren...@gmail.com
> <javascript:>> wrote:
> >>
> >>
> >> On Friday, 27 May 2016 09:39:46 UTC+2, Dennis Oelkers wrote:
> >> Do you have the http_proxy_uri configuration directive set in your
> config file, by any chance?
> >>
> >> ah yes, I do, if it uses the http_proxy to access its internal
> interfaces, that would cause these errors - I see.
> >>
> >> The response you are getting from the server for the
> /cluster/metrics/multiple call implies that it cannot connect back to
> itself (the response for the node id is null), although you can do the call
> that it is doing from the host itself without problems. My guess would be
> that there is a proxy involved somewhere, which (naturally) connects to a
> different localhost.
> >> How how do you make it not use the proxy for local connections? Do you
> have a configuration parameter, or do we have to use Java options
> somewhere?
> >
> > We don’t have that. It makes sense though to prevent using the proxy for
> localhost/127.0.0.1/::1, but we haven’t implemented that. I cannot
> promise anything, but there is a good chance we have something like that in
> 2.0.3, until then you have to decide if you can switch of the proxy for the
> meantime.
> >
> > Kr,
> > D.
> >
> >>
> >>
> >>> On 26.05.2016, at 19:17, Martin René Mortensen <
> martin.ren...@gmail.com> wrote:
> >>>
> >>>
> >>>
> >>> On Thursday, 26 May 2016 17:20:44 UTC+2, Dennis Oelkers wrote:
> >>> What happens when you do something like:
> >>>
> >>> curl -XPOST -u admin -v -H "Content-Type: application/json" -d
> '{"metrics": []}' http://localhost:12900/cluster/metrics/multiple
> >>>
> >>> looks good:
> >>> * Trying 127.0.0.1...
> >>> * Connected to localhost (127.0.0.1) port 12900 (#0)
> >>> * Server auth using Basic with user 'admin'
> >>>> POST /cluster/metrics/multiple HTTP/1.1
> >>>> Authorization: Basic xxx=
> >>>> User-Agent: curl/7.29.0
> >>>> Host: localhost:12900
> >>>> Accept: */*
> >>>> Content-Type: application/json
> >>>> Content-Length: 15
> >>>>
> >>> * upload completely sent off: 15 out of 15 bytes
> >>> < HTTP/1.1 200 OK
> >>> < X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
> >>> < X-Runtime-Microseconds: 9568
> >>> < Content-Type: application/json
> >>> < Date: Thu, 26 May 2016 17:11:58 GMT
> >>> < Content-Length: 45
> >>> <
> >>> * Connection #0 to host localhost left intact
> >>> {"ac7773b1-403d-4d3d-acc7-98a779140854":null}
> >>> I dont know if that answer is ok, but its what it says.
> >>>
> >>> and
> >>>
> >>> curl -XPOST -u admin -v -H "Content-Type: application/json" -H
> "Accept: application/json” -d '{"metrics": []}'
> http://localhost:12900/system/metrics/multiple
> >>>
> >>> Also suceeds, but output seems lacking:
> >>> * About to connect() to localhost port 12900 (#0)
> >>> * Trying ::1...
> >>> * Connection refused
> >>> * Trying 127.0.0.1...
> >>> * Connected to localhost (127.0.0.1) port 12900 (#0)
> >>> * Server auth using Basic with user 'admin'
> >>>> POST /system/metrics/multiple HTTP/1.1
> >>>> Authorization: Basic xxx=
> >>>> User-Agent: curl/7.29.0
> >>>> Host: localhost:12900
> >>>> Content-Type: application/json
> >>>> Accept: application/json
> >>>> Content-Length: 15
> >>>>
> >>> * upload completely sent off: 15 out of 15 bytes
> >>> < HTTP/1.1 200 OK
> >>> < X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
> >>> < X-Runtime-Microseconds: 9363
> >>> < Content-Type: application/json
> >>> < Date: Thu, 26 May 2016 17:15:14 GMT
> >>> < Content-Length: 24
> >>> <
> >>> * Connection #0 to host localhost left intact
> >>> {"total":0,"metrics":[]}
> >>>
> >>>
> >>>
> >>> from the server node itself? Does it work? What do you have in your
> server logs?
> >>>
> >>> Nothing in server logs
> >>> Graylog server logs says the same old stuff:
> >>> 2016-05-26T19:10:54.246+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>> 2016-05-26T19:11:58.128+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>
> >>>> On 26.05.2016, at 16:30, Martin René Mortensen <
> martin.ren...@gmail.com> wrote:
> >>>>
> >>>> Well the POST requests worked with authorization, but said it didnt
> understand me. I tried with another api request that seemed to work fine
> when I authenticate properly.
> >>>>
> >>>> # curl -i -X GET http://localhost:12900/system/inputs -u admin
> >>>> Enter host password for user 'admin':
> >>>> HTTP/1.1 200 OK
> >>>> X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
> >>>> X-Runtime-Microseconds: 8838
> >>>> Content-Type: application/json
> >>>> Date: Thu, 26 May 2016 14:28:47 GMT
> >>>> Content-Length: 937
> >>>>
> >>>> {"inputs":[{"title":"GELF TCP for security
> logs","global":true,"name":"GELF
> TCP","content_pack":null,"created_at":"2015-12-09T07:11:48.095Z","type":"org.graylog2.inputs.gelf.tcp.GELFTCPInput","creator_user_id":"admin","attributes":{"recv_buffer_size":1048576,"port":12201,"use_null_delimiter":true,"tls_key_password":"","tls_key_file":"","tls_client_auth_cert_file":"","max_message_size":2097152,"tls_client_auth":"disabled","override_source":"","bind_address":"0.0.0.0","tls_cert_file":""},"static_fields":{},"node":null,"id":"5667d434a78e92fb03f07aa5"},{"title":"GELF
>
> UDP for security logs","global":true,"name":"GELF
> UDP","content_pack":null,"created_at":"2015-12-09T07:11:34.949Z","type":"org.graylog2.inputs.gelf.udp.GELFUDPInput","creator_user_id":"admin","attributes":{"override_source":"","recv_buffer_size":262144,"bind_address":"0.0.0.0","port":12201},"static_fields":{},"node":null,"id":"5667d426a78e92fb03f07a94"}],"total":2}
>
>
> >>>>
> >>>> What to configure?
> >>>>
> >>>> On Thursday, 26 May 2016 14:07:18 UTC+2, Dennis Oelkers wrote:
> >>>>> On 26.05.2016, at 10:53, Martin René Mortensen <
> martin.ren...@gmail.com> wrote:
> >>>>> Exactly what its saying. but it doesnt make any sense.
> >>>>> 2016-05-26T09:20:46.527+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>> 2016-05-26T09:20:48.520+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>> 2016-05-26T09:20:50.517+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>> 2016-05-26T09:20:52.496+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>> 2016-05-26T09:20:54.519+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>> 2016-05-26T09:20:56.716+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>> 2016-05-26T09:20:58.745+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> <ac7773b1-403d-4d3d-acc7-98a779140854>, result: Service Unavailable
> >>>>>
> >>>>> when I try, I get a 401 error. From the client the calls to graylog
> api needs to be authenticated, but do calls from internal graylog also have
> to be authenticated?
> >>>>>
> >>>>> curl -I -X POST http://localhost:12900/system/metrics/multiple
> >>>>> HTTP/1.1 401 Unauthorized
> >>>>> WWW-Authenticate: Basic realm="Graylog Server"
> >>>>> X-Graylog-Node-ID: ac7773b1-403d-4d3d-acc7-98a779140854
> >>>>> X-Runtime-Microseconds: 3195
> >>>>> Date: Thu, 26 May 2016 08:52:00 GMT
> >>>>> Content-Length: 0
> >>>>>
> >>>>
> >>>> Can you try doing the request using your user’s credentials?
> >>>>
> >>>> --
> >>>> Tel.: +49 (0)40 609 452 077
> >>>> Fax.: +49 (0)40 609 452 078
> >>>>
> >>>> TORCH GmbH - A Graylog company
> >>>> Steckelhörn 11
> >>>> 20457 Hamburg
> >>>> Germany
> >>>>
> >>>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> >>>> Geschäftsführer: Lennart Koopmann (CEO)
> >>>>
> >>>>
> >>>> --
> >>>> You received this message because you are subscribed to the Google
> Groups "Graylog Users" group.
> >>>> To unsubscribe from this group and stop receiving emails from it,
> send an email to graylog2+u...@googlegroups.com.
> >>>> To view this discussion on the web visit
> https://groups.google.com/d/msgid/graylog2/2b559d33-bdb2-49bc-a237-4d2f74df7f82%40googlegroups.com.
>
>
> >>>> For more options, visit https://groups.google.com/d/optout.
> >>>
> >>> --
> >>> Tel.: +49 (0)40 609 452 077
> >>> Fax.: +49 (0)40 609 452 078
> >>>
> >>> TORCH GmbH - A Graylog company
> >>> Steckelhörn 11
> >>> 20457 Hamburg
> >>> Germany
> >>>
> >>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> >>> Geschäftsführer: Lennart Koopmann (CEO)
> >>>
> >>>
> >>> --
> >>> You received this message because you are subscribed to the Google
> Groups "Graylog Users" group.
> >>> To unsubscribe from this group and stop receiving emails from it, send
> an email to graylog2+u...@googlegroups.com.
> >>> To view this discussion on the web visit
> https://groups.google.com/d/msgid/graylog2/d2082366-1a2b-4a77-ba12-29b065129747%40googlegroups.com.
>
>
> >>> For more options, visit https://groups.google.com/d/optout.
> >>
> >> --
> >> Tel.: +49 (0)40 609 452 077
> >> Fax.: +49 (0)40 609 452 078
> >>
> >> TORCH GmbH - A Graylog company
> >> Steckelhörn 11
> >> 20457 Hamburg
> >> Germany
> >>
> >> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> >> Geschäftsführer: Lennart Koopmann (CEO)
> >>
> >>
> >> --
> >> You received this message because you are subscribed to the Google
> Groups "Graylog Users" group.
> >> To unsubscribe from this group and stop receiving emails from it, send
> an email to graylog2+u...@googlegroups.com <javascript:>.
> >> To view this discussion on the web visit
> https://groups.google.com/d/msgid/graylog2/12f1e314-7f10-414d-96a8-9e8f58eb684f%40googlegroups.com.
>
>
> >> For more options, visit https://groups.google.com/d/optout.
> >
> > --
> > Tel.: +49 (0)40 609 452 077
> > Fax.: +49 (0)40 609 452 078
> >
> > TORCH GmbH - A Graylog company
> > Poolstrasse 21
> > 20355 Hamburg
> > Germany
> >
> > Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> > Geschäftsführer: Lennart Koopmann (CEO)
>
> --
> Tel.: +49 (0)40 609 452 077
> Fax.: +49 (0)40 609 452 078
>
> TORCH GmbH - A Graylog company
> Poolstrasse 21
> 20355 Hamburg
> Germany
>
> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
> Geschäftsführer: Lennart Koopmann (CEO)
>
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/f6975849-6abc-4d86-babe-dd87dffabfd8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
