bind EADDRNOTAVAIL
I am getting this error in stream when trying to configure an IP address for a TCP source. I can't find any docs around this error.
Answers
-
what port are you trying to bind? Is it less that 1024?
0 -
10505
0 -
Often this is due to another process already listening on that port. Try using
lsof -i :10505to see what's there, if anything.0 -
It's more that it won't accept the IP address, can't the same port be used for all the cribl edge connections as long as the IP is different?
0 -
Typically the source IP is left as 0.0.0.0. Can you explain more of what you're trying to do?
0 -
I am trying to use the same port for the TCP connections. I am setting up cribl edge on windows servers to then send logs to cribl stream.
0 -
But you're referencing a source, not a destination. I'm confused :-)
0 -
Right, when referencing a source can't you put in the IP of that source as it's setup on the cribl edge side?
0 -
I'm not following. Can you provide a detailed description of what you're doing? Normally, no, you don't list IPs in your source configs. Each edge node has its own IPs, so that doesn't work. For the destination you'd put in where the Edge nodes need to send logs. They receive logs on 0.0.0.0 (ie, any address on their interfaces).
0 -
Ok so then each source has to have it's own port set? I am just sending windows logs via TCP to stream.
0 -
Why are you setting ports? If you're reading logs from the windows event system, there are no ports. The only port is on the sending side from Edge to a source defined in Stream. With a single port, listening on 0.0.0.0.
0 -
you have to set a port in cribl stream.
0 -
Yes. You set a port in Stream to listen for data coming from other places. You do not put an IP in that setting typically. The default of 0.0.0.0 is what you want in 99.999% of the cases.
0 -
so it has to be one port per system then?
0 -
Not sure I don't understand the question.
The Stream node listens on a port for data coming in.
Edge senders will connect to that port to deliver data.
Listening ports are not restricted to a single sender.0 -
right but edge senders each have to use their own port?
0 -
To send to? 100% not the case.
0 -
when I go to set the port as the same as other cribl edge connections it says it's already being used.
0 -
That sounds like you're setting a source.
On Stream: Set a source, Cribl TCP is a good choice. You need to pick a port to listen on. All Stream Worker nodes will listen on this port.
On Edge: Set a Destination pointing to your Worker nodes on that single port you defined above
On Edge: Set-up a source for the logs you want to read from the system, and point them to your Destination from the above step.
0 -
so the port can be the same?
0
