Ah great, I'll give that a try and report back, thanks a lot. On Monday, June 27, 2016 at 5:16:25 PM UTC+3, Marius Sturm wrote: > > Ah ok, than you can use the advanced attributes in > /etc/graylog/graylog-settings.json and modify these values: > https://github.com/Graylog2/omnibus-graylog2/blob/2.0/files/graylog-cookbooks/graylog/attributes/default.rb#L47-L48 > > On 27 June 2016 at 16:06, Ragnar <[email protected] <javascript:>> > wrote: > >> Hi Marius, >> >> Just for the web interface, our security department flagged the system as >> being vulnerable to heartbleed/POODLE/FROWN etc. because SSLv2 and SSLv3 >> are enabled (along with weak RC4 ciphers). >> >> On Monday, June 27, 2016 at 3:59:56 PM UTC+3, Marius Sturm wrote: >>> >>> @Ragnar do you try to disable the cipher algorithms for the web >>> interface or for an log input? Because the web interface on the appliances >>> is TLS terminated by the Nginx that is also installed. The inputs are >>> served directly by Graylog's java process, that whould be a differnet >>> setting. >>> >>> On 27 June 2016 at 13:46, Jan Doberstein <[email protected]> wrote: >>> >>>> Hej Ragnar, >>>> >>>> >>>> >>>> On 25. Juni 2016 at 14:13:32, Ragnar ([email protected]) wrote: >>>> > Steps Tried: >>>> > 1. Created a security.properties file using the exact example >>>> > (un-commenting out the relevant lines) and put it in the >>>> > /opt/graylog/server directory >>>> > 2. Ran the command java >>>> > -Djava.security.properties=/opt/graylog/server/security.properties >>>> -jar >>>> > /opt/graylog/server/graylog.jar server >>>> > >>>> > Received an error staying that etc/graylog/server/server.conf didn't >>>> exist >>>> > so I created it >>>> > >>>> > 3. Ran the command java >>>> > -Djava.security.properties=/opt/graylog/server/security.properties >>>> -jar >>>> > /opt/graylog/server/graylog.jar server again and now I get the error: >>>> >>>> > Any ideas? >>>> >>>> you need to add as additional startup parameter to graylog! >>>> >>>> as you use graylog OVA image i had created this issue: >>>> https://github.com/Graylog2/omnibus-graylog2/issues/31 >>>> >>>> because this is not save possible. >>>> >>>> /jd >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Graylog Users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/graylog2/CAGm-bLb4v0JHLz5acB2A6s6dYqH31fNUU_Y3OM8PVijFYhCD3w%40mail.gmail.com >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> >>> -- >>> Developer >>> >>> Tel.: +49 (0)40 609 452 077 >>> Fax.: +49 (0)40 609 452 078 >>> >>> TORCH GmbH - A Graylog Company >>> Poolstraße 21 >>> 20335 Hamburg >>> Germany >>> >>> https://www.graylog.com <https://www.torch.sh/> >>> >>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >>> Geschäftsführer: Lennart Koopmann (CEO) >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Graylog Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/2bf726e3-095e-4a13-a5a6-da07c70783c9%40googlegroups.com >> >> <https://groups.google.com/d/msgid/graylog2/2bf726e3-095e-4a13-a5a6-da07c70783c9%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Developer > > Tel.: +49 (0)40 609 452 077 > Fax.: +49 (0)40 609 452 078 > > TORCH GmbH - A Graylog Company > Poolstraße 21 > 20335 Hamburg > Germany > > https://www.graylog.com <https://www.torch.sh/> > > Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 > Geschäftsführer: Lennart Koopmann (CEO) >
-- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/d785f608-61be-4768-843e-f67c112b8c3a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
