In this quick tutorial, we are going to explain how to configure Nginx as reverse proxy for the Graylog 2 server. If you don’t installed yet Graylog2 Server, you can check the following topics:
- How To Install and Configure Graylog Server on Ubuntu 16.04 LTS
- How To Install and Configure Graylog Server on CentOS 7/ RHEL7
– Since Graylog 2.1 you have two options when it comes to exposing its web interface:
- Running both on the same port, using different paths (defaulting to http://localhost:9000/api/ for the REST API and http://localhost:9000/ for the web interface), this is the default
- Running on two different ports (for example http://localhost:12900/ for the REST API and http://localhost:9000/ for the web interface)
Graylog Server web interface and the REST API can run both in single port 9000 or in a separate Ports (12900 and 9000).
1° Option – REST API and Web Interface on one port (using HTTP):
– Make sure that your server Graylog configuration file server.conf has the following settings:
- rest_listen_uri = http://your_public_ip:9000/api/
- web_listen_uri = http://your_public_ip:9000/
– Make sure that nginx block has the following content:
server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; server_name graylog.yallalabs.local; location / { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Graylog-Server-URL http://graylog.yallalabs.local/api; proxy_pass http://your_public_ip:9000; } }
– Make sure to create an entry dns to access to graylog web interface in your dns server.
2° Option – REST API and Web Interface on separate ports (using HTTP):
– Make sure that your server Graylog configuration file server.conf has the following settings:
- rest_listen_uri = http://your_public_ip:12900/
- web_listen_uri = http://your_public_ip:9000/
– Make sure that nginx block has the following content:
server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; server_name graylog.yallalabs.local; location / { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Graylog-Server-URL http://graylog.yallalabs.local/api; proxy_pass http://your_public_ip:9000; } location /api/ { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://your_public_ip:12900/; }
We hope this tutorial was enough Helpful. If you need more information, or have any questions, just comment below and we will be glad to assist you!