User Tools

Site Tools



attempting to start Syslog port 514 as an input after installing Graylog will fail. This is due to graylog-server running as a non-root users. Ports below 1024 require root level permissions.

Ideal Prerequisites

Software you should have installed before attempting this task

  • Ubuntu
  • Graylog


  • if chmod 500 does not work substitute with chmod 755.


Install authbind

sudo apt-get install authbind -y

Configure UDP 514 to Authbind (the “!” is for UDP, remove it for TCP)

sudo touch '/etc/authbind/byport/!514'
sudo chown graylog:graylog '/etc/authbind/byport/!514'
sudo chmod 500 '/etc/authbind/byport/!514'

Configure /etc/default/graylog-server to use authbind as a wrapper

sudo sed -i "s/GRAYLOG_COMMAND_WRAPPER=\"\"/GRAYLOG_COMMAND_WRAPPER=\"authbind\"/" /etc/default/graylog-server

Restart Graylog

service graylog-server restart


sudo systemctl restart graylog-server.service



Enter your comment. Wiki syntax is allowed:
If you can't read the letters on the image, download this .wav file to get them read to you.
wiki/install_authbind_to_allow_port_514_on_graylog.txt · Last modified: 2019/08/04 01:21 by ctv_admin