Hi Ovidiu, a) why is it not respecting this setting though: web_listen_uri = > http://edgar.ict-consult.co.za/ > I tried: http://edgar.ict-consult.co.za/ - doesn't work and > http://edgar.ict-consult.co.za:9000/ seems to work. >
Graylog expects this setting (and rest_listen_uri and rest_transport_uri, too) to be a fully qualified URL, otherwise it's using 12900 as default port. If you really want to use unencrypted (!) HTTP for your web interface, you can use the following configuration setting: web_listen_uri = http://edgar.ict-consult.co.za:80/ Also keep in mind, that only privileged system users (i. e. root) is allowed to bind to ports <1024, so you'll need to use something like authbind to allow Graylog to bind directly to port 80/tcp. > b) if I set it up like this does that pose a security risk? > >> rest_listen_uri = http://edgar.ict-consult.co.za:12900/ > > rest_transport_uri = http://edgar.ict-consult.co.za:12900/ > > That depends on whether that URL is publicly accessible via an untrusted network (i. e. the Internet) or not. While the Graylog REST API a requires valid user account for almost everything you can do with it, it seems to be unencrypted the way you've configured Graylog. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/f458462d-28d0-4260-91ea-46f76f8f156c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
