-->
  • Recent Articles

    Error: Could not bind UDP syslog input to address /0.0.0.0:514 , Permission Denied ?



    Error: Could not bind UDP syslog input to address /0.0.0.0:514 , Permission Denied ?

    Ans: This Happens when someone try to create a input address on port <=1024. As the services are
    started as user graylog, it is not able to spawn a Input on a port less than 1024 which required escalated privileges.

    To mitigate this Problem we have following Solution:

    1. Start the Input with a port Higher than 1024 And Configure the Clients accordingly.
    OR
    2. Start the Input with a port Higher than 1024 And Configure the Iptables that anything coming on port 514 should be forwarded to that port.
    iptables -t nat -A PREROUTING -m udp -p udp --dport 514 -j REDIRECT --to-ports 12514
    OR

    3. Start the Services as root user and start the Input with Port 514.
    Stop the Service Now.
    /etc/init.d/graylog-server stop
    /etc/init.d/graylog-web stop
    Edit the Graylog Server startup script with following option.
    vi /etc/init.d/graylog-server
    GRAYLOG_SERVER_USER=root
    Edit the Graylog web startup script with following option.
    vi /etc/init.d/graylog-web
    GRAYLOG_WEB_USER="root"
    Start the Service Now.
    /etc/init.d/graylog-server start
    /etc/init.d/graylog-web start


       

    No comments