Hey Eric, regarding point 3: what are your exact security concerns about exposing the REST API?
Kind regards, D. -- Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog company Steckelhörn 11 20457 Hamburg Germany Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) > On 21.04.2016, at 09:03, er...@muneris.io wrote: > > Dear Graylog community support / users, > > I have been using Graylog since 1.2 and its working great. > > Just discover a change about a health check in Graylog's web just might cause > problems. > It's known and normal that the Graylog's web service detects the server > node(s) healthiness with API thru TCP 12900. > > However I noticed an issue in Graylog 2. > When I am trying out Graylog 2 (Alpha and Beta), the web UI automatically > calls TCP 12900 (API port) in the client side using the public address. > That is, from the developer mode of the browser, I can see URL call of > http://<graylog web service hostname>:12900/system/cluster/node. This causes > the following issues: > > 1) With the default configuration, such check listens to private IP of the > server. So just when deploying the Graylog to internet, the check fails. > (Unless we access the website through VPN IP or update rest_transport_uri in > /opt/graylog/conf/graylog.conf) > 2) Health check should probably be done in background in the server (i.e. > like Graylog 1.2, 1.3...the checking will not be exposed to client side / > browser) > 3) We need to expose TCP 12900 of the web service to public, security concern > arises as the API port would be facing the public internet as well > > Thank you. > Eric > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/a43a9ea9-2b6b-4d6a-8b91-1304b84dd008%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/7FE12566-B7BC-41BB-810F-BE3D31D632EF%40graylog.com. For more options, visit https://groups.google.com/d/optout.