Hi,
First of all, as it was already stated here, and also on the Copr
website: 3.8 is still a development version. It works fine on my
server, passes the tests, still as it's a development version,
mysterious things can happen.
I tried to reproduce your problem, but I could not. I followed
instructions from
https://www.balabit.com/documents/syslog-ng-ose-3.7-guides/en/syslog-ng-tutorial-mutual-auth-tls/html-single/index.html
to generate self signed certificates and used the following config:
[root@localhost conf.d]# cat tls.conf
source demo_tls_source {
network(ip(0.0.0.0) port(6514)
transport("tls")
tls( key_file("/etc/syslog-ng/cert.d/serverkey.pem")
cert_file("/etc/syslog-ng/cert.d/servercert.pem")
ca_dir("/etc/syslog-ng/ca.d")
peer-verify(optional-untrusted))
); };
log { source(demo_tls_source); destination(d_mesg); };
First I tested the configuration by starting syslog-ng from the
command line: syslog-ng -Fvd, and it worked fine. Next I started it
with "systemctl start syslog-ng" and that worked as well.
In both cases I tested using:
[root@localhost conf.d]# loggen -U -i -S 127.0.0.1 6514
average rate = 1030.54 msg/sec, count=10315, time=10.009, (average)
msg size=256, bandwidth=257.49 kB/sec
Note: all my test machines have SELinux and iptables disabled. Check
/var/log/audit/audit.log for SELinux related messages, and your
firewall config if it blocks port 6514. If needed, change your
configurations.
Bye,
Peter Czanik (CzP) <peter.czanik@balabit.com>
Balabit / syslog-ng upstream
http://czanik.blogs.balabit.com/
https://twitter.com/PCzanik
On Tue, May 10, 2016 at 11:03 AM, Czanik, Péter
<peter.czanik@balabit.com> wrote:
Oh, that's my repository. TLS worked fine for me earlier. I'll try to
reproduce the problem later this week.
Bye,
Peter Czanik (CzP) <peter.czanik@balabit.com>
Balabit / syslog-ng upstream
http://czanik.blogs.balabit.com/
https://twitter.com/PCzanik
On Mon, May 9, 2016 at 5:43 PM, Ivan Adji - Krstev
<akivanradix@gmail.com> wrote:
I'm using this one:
https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng38/
To be more specific
https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng38/repo/epel-7/czanik-syslog-ng38-epel-7.repo
And im truing to use it with TLS, self signed certificate
Kind regards
Ivan
On 05/09/2016 04:37 PM, Scot Needy wrote:
What repo are you using ?
On May 9, 2016, at 5:02 AM, Ivan Adji - Krstev <akivanradix@gmail.com>
wrote:
Guys,
Any news on this ? I relay need this syslog up and running.
Kind regards
On 05/06/2016 02:35 PM, Tibor Benke wrote:
If you get the mentioned errors right after the upgrade, maybe the install
scripts are not able to stop syslog-ng -> the upgraded syslog-ng isn't able
to start. Could you check the install scripts, please?
2016-05-06 14:28 GMT+02:00 Ivan Adji - Krstev <akivanradix@gmail.com>:
Here it is
[root@syslogserver syslog-ng]# lsof | grep LISTEN
sshd 854 root 3u IPv4 15103 0t0
TCP *:ssh (LISTEN)
sshd 854 root 4u IPv6 15105 0t0
TCP *:ssh (LISTEN)
mongod 1325 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 1346 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 1922 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 1923 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 1924 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2010 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2011 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2012 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2013 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2165 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2167 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2168 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2169 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2170 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2171 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 2172 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 27857 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 27874 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 27876 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
mongod 1325 28175 mongod 6u IPv4 15950 0t0
TCP localhost:27017 (LISTEN)
master 1577 root 13u IPv4 16582 0t0
TCP localhost:smtp (LISTEN)
master 1577 root 14u IPv6 16583 0t0
TCP localhost:smtp (LISTEN)
syslog-ng 28172 root 21u IPv4 3116883 0t0
TCP *:syslog-tls (LISTEN)
syslog-ng 28172 28173 root 21u IPv4 3116883 0t0
TCP *:syslog-tls (LISTEN)
[root@syslogserver syslog-ng]# netstat -antp | grep 6514
tcp 0 0 0.0.0.0:6514 0.0.0.0:* LISTEN
28172/syslog-ng
[root@syslogserver syslog-ng]#
Kind regards
Ivan
On 05/06/2016 02:25 PM, Tibor Benke wrote:
Hi Ivan,
Could you check what program listens on 0.0.0.0:6514? Thanks! (I suppose
it's a syslog-ng which failed to stop from some unknown reason.)
Tibor
2016-05-06 14:18 GMT+02:00 Ivan Adji - Krstev <akivanradix@gmail.com>:
I have to say ... defenetly we have a problem with this version. I have
install minimal CentOS 7 (CentOS Linux release 7.2.1511 (Core) ) and
Syslog-NG 3.8 and again i have the problem when i update from 3.7 to 3.8.
[2016-05-06T08:14:35.480042] Error binding socket;
addr='AF_INET(0.0.0.0:6514)', error='Address already in use (98)'
[2016-05-06T08:14:35.480091] Error initializing message pipeline;
If you have any suggestions about this problem pleas do it as im on the
way to go back on 3.7
Kind regards
Ivan
On 04/26/2016 02:40 AM, Scot Needy wrote:
No issues on CentOS 7.1
On Apr 25, 2016, at 1:11 PM, Scheidler, Balázs
<balazs.scheidler@balabit.com> wrote:
Hi,
3.8 is not yet considered stable, although we do everything to keep it
that way. It is where we integrate new stuff, both features and bugfixes. I
would stick to 3.7 in a production environment, even though your feedback of
3.8 is very valuable and appreciated, so it becomes really stable when we
get to the release button.
Anyway, I don't think your "address is already in use" is a 3.8 related
issue, it is most probably systemd/initscript related.
--
Bazsi
On Mon, Apr 25, 2016 at 2:18 PM, Ivan Adji - Krstev
<akivanradix@gmail.com> wrote:
Hi all,
I have open a issue about the error i got when i update the Syslog-NG to
3.8 for "syslog-ng Address already in use (98)". I'm still working on
the issue, but i would like to know if this newest version 3.8 is
stabled as im building new environment and im asking myself do i use
this 3.8 version or 3.7 ?
Thanks
Ivan
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq