Hello everybody,
We have an urgent problem with a SecOps Forwarder instance from one of our customers.
The error message looks as follows:
Does anyone know what might be causing this issue?
Could it be a missing connection to storage.googleapis.com over TCP/443?
I appreciate any responses.
Many Thanks
It looks like it's reporting network transport errors. Ensure the following:
1) Forwarder host has Internet access or allowed access via firewall to these hostnames: https://cloud.google.com/chronicle/docs/install/forwarder-linux#google_ip_address_ranges
2) If there is a proxy, attempt to bypass it for troubleshooting.
3) Some Linux distros have built-in firewall. Ensure one of those is not filtering the traffic.
4) Ensure the Forwarder host has functioning DNS resolution. You can just try pinging one of the hostnames above to ensure it resolves.
-mike
Just adding on here.
Ping your gateway
ping 8.8.8.8
ping malachiteingestion-pa.googleapis.com
if all that works test firewall rules by:
curl -k malachiteingestion-pa.googleapis.com
Thank you, everyone!
We've successfully managed to bypass the proxy server, and we're currently able to receive events. However, we're still looking for a solution that enables using a proxy server.
Is there a way to set this up in combination with Docker Compose? Has anyone had success with Docker Compose for this setup? Most of the solutions I’ve found online haven't worked as expected. 😂
Any insights or experiences would be greatly appreciated!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.