Dear Graylog community support / users, I have been using Graylog since 1.2 and its working great.
Just discover a change about a health check in Graylog's web just might cause problems. It's known and normal that the Graylog's web service detects the server node(s) healthiness with API thru TCP 12900. However I noticed an issue in Graylog 2. When I am trying out Graylog 2 (Alpha and Beta), the web UI automatically calls TCP 12900 (API port) in the client side using the public address. That is, from the developer mode of the browser, I can see URL call of http://<graylog web service hostname>:12900/system/cluster/node. This causes the following issues: 1) With the default configuration, such check listens to private IP of the server. So just when deploying the Graylog to internet, the check fails. (Unless we access the website through VPN IP or update *rest_transport_uri* in /opt/graylog/conf/graylog.conf) 2) Health check should probably be done in background in the server (i.e. like Graylog 1.2, 1.3...the checking will not be exposed to client side / browser) 3) We need to expose TCP 12900 of the web service to public, security concern arises as the API port would be facing the public internet as well Thank you. Eric -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a43a9ea9-2b6b-4d6a-8b91-1304b84dd008%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
