a debug dump will be rather difficult as the logs are on a system not connected to the Internet.
Will see what I can achieve. Thanks. -- Barry (M) 0411 064 000 (F) 02 6257 7308 Banpen Fugyou - 10,000 Changes, No surprises Key Fingerprint: 4CFF 5276 1BF5 DFD4 684B CBD2 E414 6292 D40E BBFDQuoting David Lang <[email protected]>: > note that with v8 devel rsyslog-gnutls is obsolete and should be > uninstalled (it's rolled into the main rsyslog package now) > > David Lang > > On Wed, 7 May 2014, Radu Gheorghe wrote: > >> Date: Wed, 7 May 2014 17:11:01 +0300 >> From: Radu Gheorghe <[email protected]> >> Reply-To: rsyslog-users <[email protected]> >> To: rsyslog-users <[email protected]> >> Subject: Re: [rsyslog] TCP Encryption Netstream Errors >> >> Hi Barry, >> >> I remember seeing this error, but I don't remember the context. Do you have >> the rsyslog-gnutls package installed? Or did you enable gnutls when >> compiling it? >> >> If yes, can you double-check the validity of your certificate. I see a >> strange issue being reported in this thread: >> http://kb.monitorware.com/rsyslog-with-tls-does-not-work-for-t12092.html >> >> If these don't help, can you say more about your OS and GnuTLS versions? >> >> Best regards, >> Radu >> >> -- >> Performance Monitoring * Log Analytics * Search Analytics >> Solr & Elasticsearch Support * http://sematext.com/ >> >> >> On Wed, May 7, 2014 at 9:46 AM, Barry Haycock >> <[email protected]>wrote: >> >>> >>> >>> Hi all, >>> >>> I was wondering if I could request some assistance. >>> >>> Currently, I am trying to setup TCP encryption and I get the following >>> error on my rsyslog server when the client is trying to send encrypted TCP >>> log events. >>> >>> <Date> <server>: netsteam session 0x7fae50001740 will be closed due to >>> error [try http://www.rsyslog.com/e/2089] >>> <Date> <server>: netsteam session 0x7fae50002db0 will be closed due to >>> error [try http://www.rsyslog.com/e/2089] >>> <Date> <server>: netsteam session 0x7fae500097a0 will be closed due to >>> error [try http://www.rsyslog.com/e/2089] >>> >>> Web research states that there should be an error message preceding this >>> error. I don't get any error messages prior to this. >>> >>> My Server config is >>> Rsyslog V7.6.3 (GNUTLS V2.8.5) >>> $DefaultNetstreamDriver gtls >>> $DefaultNetstreamDriverCAFile <Path to CA PEM> >>> $DefaultNetstreamDriverCertFile <Path to Cert> >>> $DefaultNetstreamDriverKeyFile <Path to Key> >>> >>> module(load="imtcp" MaxListeners="2000" StreamDriver.Name="gtls" >>> StreamDriver.Mode="1" StreamDriver.AuthMode="X509/name") >>> input(type-"imtcp" port="6173" name="tcp-tls") >>> >>> My client config is >>> Rsyslog V5.8.10 (gnuTLSV2.8.5) >>> $DefaultNetstreamDriver gtls >>> $DefaultNetstreamDriverCAFile <Path to CA PEM> >>> $DefaultNetstreamDriverCertFile <Path to Cert> >>> $DefaultNetstreamDriverKeyFile <Path to Key> >>> $ActionSendStreamDriverAuthMode x509/name >>> $ActionSendSteamDriverMode 1 >>> >>> *.info;mail.none;authpriv.none;cron.none /var/log/messages >>> & @@<rsyslog_server>:6173;VLMessagesFwdFmt >>> >>> The client is the bog standard rsyslog client as delivered on my centos >>> test machine while the server (which is the same OS) has been upgraded to >>> the V7.6.3 release from the rsyslog website. >>> My CA and certificates for testing is one created using openssl. >>> >>> Any ideas would be appreciated. >>> >>> -- >>> >>> Barry >>> >>> Banpen Fugyou - 10,000 Changes, No surprises >>> >>> >>> >>> ---------------------------------------------------------------- >>> This message was sent using IMP, the Internet Messaging Program. >>> _______________________________________________ >>> rsyslog mailing list >>> http://lists.adiscon.net/mailman/listinfo/rsyslog >>> http://www.rsyslog.com/professional-services/ >>> What's up with rsyslog? Follow https://twitter.com/rgerhards >>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >>> DON'T LIKE THAT. >>> >> _______________________________________________ >> rsyslog mailing list >> http://lists.adiscon.net/mailman/listinfo/rsyslog >> http://www.rsyslog.com/professional-services/ >> What's up with rsyslog? Follow https://twitter.com/rgerhards >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a >> myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT >> POST if you DON'T LIKE THAT. >> > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT > POST if you DON'T LIKE THAT. > > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
binIGOSaAczJe.bin
Description: PGP Public Key
_______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
