[syslog-ng] SSL Problem after update
Scot Needy
scotrn at gmail.com
Fri Apr 22 16:27:38 CEST 2016
As a test try to load a minimal conf with no includes and add them manually using a full path.
I had to do that to troubleshoot java module.
> On Apr 21, 2016, at 6:39 PM, Ivan Adji - Krstev <akivanradix at gmail.com> wrote:
>
> in scl.conf file there is nothing except this line
> @include 'scl/*/*.conf'
> So i don't think so.? I get your point that tls on port 6514 may be used twice but can't find anything like that ... it is the same config file that i have used before removing the old version and putting the new one. From 3.5 to 3.8.
>
>
> On 04/21/2016 08:58 PM, Scot Needy wrote:
>> All of my conf files are included in scl.conf is scl.conf and @include "/etc/syslog-ng/conf.d/*.conf loading the same module twice ?
>>
>>> On Apr 21, 2016, at 1:58 PM, Ivan Adji - Krstev <akivanradix at gmail.com <mailto:akivanradix at gmail.com>> wrote:
>>>
>>> Hi yes i start to put the file but i have some other problems... anyway here it's the config file ( syslog-ng.conf )
>>>
>>>
>>> @version:3.8
>>> @include "scl.conf"
>>>
>>> # syslog-ng configuration file.
>>> #
>>> # This should behave pretty much like the original syslog on RedHat. But
>>> # it could be configured a lot smarter.
>>> #
>>> # See syslog-ng(8) and syslog-ng.conf(5) for more information.
>>> #
>>> # Note: it also sources additional configuration files (*.conf)
>>> # located in /etc/syslog-ng/conf.d/
>>>
>>>
>>> options {
>>> flush_lines (0);
>>> time_reopen (10);
>>> log_fifo_size (1000);
>>> #
>>> log_iw_size(100);
>>> log_fetch_limit(100);
>>> #
>>> chain_hostnames (off);
>>> use_dns (no);
>>> use_fqdn (no);
>>> create_dirs (no);
>>> keep_hostname (yes);
>>> };
>>>
>>> source s_sys {
>>> system();
>>> #unix-stream("/dev/log");
>>> internal();
>>> network(
>>> port(6514)
>>> # tcp(port(5140));
>>> # file("/proc/kmsg" log_prefix("kernel: "));
>>> transport("tls")
>>> tls( key_file("/etc/syslog-ng/cert.d/serverkey.pem")
>>> cert_file("/etc/syslog-ng/cert.d/servercert.pem")
>>> ca_dir("/etc/syslog-ng/ca.d"))
>>> );
>>> };
>>>
>>>
>>> destination d_mongodb {
>>> mongodb(
>>> servers("localhost:27017")
>>> # database("syslog")
>>> uri('mongodb://localhost/syslog-ng' <mongodb://localhost/syslog-ng%27>)
>>> collection("messages")
>>> value-pairs(
>>> scope("selected-macros" "nv-pairs" "sdata")
>>> )
>>> );
>>> };
>>>
>>>
>>>
>>>
>>>
>>> destination d_cons { file("/dev/console"); };
>>> destination d_mesg { file("/var/log/messages"); };
>>> destination d_auth { file("/var/log/secure"); };
>>> destination d_mail { file("/var/log/maillog" flush_lines(10)); };
>>> destination d_spol { file("/var/log/spooler"); };
>>> destination d_boot { file("/var/log/boot.log"); };
>>> destination d_cron { file("/var/log/cron"); };
>>> destination d_kern { file("/var/log/kern"); };
>>> destination d_mlal { usertty("*"); };
>>>
>>> filter f_kernel { facility(kern); };
>>> filter f_default { level(info..emerg) and
>>> not (facility(mail)
>>> or facility(authpriv)
>>> or facility(cron)); };
>>> filter f_auth { facility(authpriv); };
>>> filter f_mail { facility(mail); };
>>> filter f_emergency { level(emerg); };
>>> filter f_news { facility(uucp) or
>>> (facility(news)
>>> and level(crit..emerg)); };
>>> filter f_boot { facility(local7); };
>>> filter f_cron { facility(cron); };
>>>
>>> #log { source(s_sys); filter(f_kernel); destination(d_cons); };
>>> log { source(s_sys); filter(f_kernel); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_default); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_auth); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_mail); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_emergency); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_news); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_boot); destination(d_mongodb); };
>>> log { source(s_sys); filter(f_cron); destination(d_mongodb); };
>>>
>>>
>>> log { source(s_sys); destination(d_mongodb); };
>>>
>>> # Source additional configuration files (.conf extension only)
>>> @include "/etc/syslog-ng/conf.d/*.conf"
>>>
>>>
>>> # vim:ft=syslog-ng:ai:si:ts=4:sw=4:et:
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 04/21/2016 06:12 PM, Scot Needy wrote:
>>>> Or the module does not die on stop and tries to start another.
>>>>
>>>>> On Apr 21, 2016, at 11:20 AM, Balazs Scheidler <bazsi77 at gmail.com <mailto:bazsi77 at gmail.com>> wrote:
>>>>>
>>>>> maybe you have two sources binding on the same port?
>>>>>
>>>>>
>>>>> On Thu, Apr 21, 2016 at 4:36 PM, Scot Needy < <mailto:scotrn at gmail.com>scotrn at gmail.com <mailto:scotrn at gmail.com>> wrote:
>>>>> I don’t see your conf files but I suspect it’s trying to load the tls module twice ?
>>>>>
>>>>>
>>>>>> On Apr 21, 2016, at 10:04 AM, Ivan Adji - Krstev < <mailto:akivanradix at gmail.com>akivanradix at gmail.com <mailto:akivanradix at gmail.com>> wrote:
>>>>>>
>>>>>> It is the same ... if i restart the syslog-ng after that ill get the same error. If i stop the syslog-ng that port is not used anymore ...
>>>>>> Here is the output of the syslog-ng -Fevd
>>>>>>
>>>>>> [2016-04-21T16:02:41.478174] WARNING: Starting with syslog-ng 3.6, the system() source performs JSON parsing of messages starting with the '@cim:' prefix. No additional action is needed;
>>>>>> [2016-04-21T16:02:41.478635] Module loaded and initialized successfully; module='sdjournal'
>>>>>> [2016-04-21T16:02:41.478776] Finishing include; content='source confgen system', depth='1'
>>>>>> [2016-04-21T16:02:41.479601] Module loaded and initialized successfully; module='afsocket'
>>>>>> [2016-04-21T16:02:41.481135] Module loaded and initialized successfully; module='afmongodb'
>>>>>> [2016-04-21T16:02:41.481914] Module loaded and initialized successfully; module='affile'
>>>>>> [2016-04-21T16:02:41.482779] Module loaded and initialized successfully; module='afuser'
>>>>>> [2016-04-21T16:02:41.484211] Unable to detect fully qualified hostname for localhost, use_fqdn() will use the short hostname;
>>>>>> [2016-04-21T16:02:41.484252] Compiling #unnamed sequence [log] at [/etc/syslog-ng/syslog-ng.conf:128:7]
>>>>>> [2016-04-21T16:02:41.484264] Compiling s_sys reference [source] at [/etc/syslog-ng/syslog-ng.conf:128:7]
>>>>>> [2016-04-21T16:02:41.484276] Compiling s_sys sequence [source] at [/etc/syslog-ng/syslog-ng.conf:29:1]
>>>>>> [2016-04-21T16:02:41.484286] Compiling #unnamed junction [log] at [/etc/syslog-ng/syslog-ng.conf:29:15]
>>>>>> [2016-04-21T16:02:41.484295] Compiling #unnamed sequence [log] at [source confgen system:2:5]
>>>>>> [2016-04-21T16:02:41.484304] Compiling #unnamed sequence [source] at [source confgen system:2:5]
>>>>>> [2016-04-21T16:02:41.484314] Compiling #unnamed junction [log] at [source confgen system:2:13]
>>>>>> [2016-04-21T16:02:41.484323] Compiling #unnamed single [log] at [source confgen system:3:1]
>>>>>> [2016-04-21T16:02:41.484337] Compiling #unnamed single [log] at [/etc/syslog-ng/syslog-ng.conf:32:2]
>>>>>> [2016-04-21T16:02:41.484347] Compiling #unnamed single [log] at [/etc/syslog-ng/syslog-ng.conf:33:2]
>>>>>> [2016-04-21T16:02:41.484363] Compiling f_auth reference [filter] at [/etc/syslog-ng/syslog-ng.conf:128:22]
>>>>>> [2016-04-21T16:02:41.484374] Compiling f_auth sequence [filter] at [/etc/syslog-ng/syslog-ng.conf:112:1]
>>>>>> [2016-04-21T16:02:41.484383] Compiling #unnamed single [log] at [/etc/syslog-ng/syslog-ng.conf:112:22]
>>>>>> [2016-04-21T16:02:41.484393] Compiling d_mongodb reference [destination] at [/etc/syslog-ng/syslog-ng.conf:128:38]
>>>>>> [2016-04-21T16:02:41.484403] Compiling d_mongodb sequence [destination] at [/etc/syslog-ng/syslog-ng.conf:57:1]
>>>>>> [2016-04-21T16:02:41.484413] Compiling #unnamed junction [log] at [/etc/syslog-ng/syslog-ng.conf:57:24]
>>>>>> [2016-04-21T16:02:41.484422] Compiling #unnamed single [log] at [/etc/syslog-ng/syslog-ng.conf:58:5]
>>>>>> [2016-04-21T16:02:41.484434] Compiling #unnamed sequence [log] at [/etc/syslog-ng/syslog-ng.conf:133:7]
>>>>>> [2016-04-21T16:02:41.484445] Compiling s_sys reference [source] at [/etc/syslog-ng/syslog-ng.conf:133:7]
>>>>>> [2016-04-21T16:02:41.484456] Compiling f_emergency reference [filter] at [/etc/syslog-ng/syslog-ng.conf:133:22]
>>>>>> [2016-04-21T16:02:41.484467] Compiling f_emergency sequence [filter] at [/etc/syslog-ng/syslog-ng.conf:114:1]
>>>>>> [2016-04-21T16:02:41.484476] Compiling #unnamed single [log] at [/etc/syslog-ng/syslog-ng.conf:114:22]
>>>>>> [2016-04-21T16:02:41.484486] Compiling d_mongodb reference [destination] at [/etc/syslog-ng/syslog-ng.conf:133:43]
>>>>>> [2016-04-21T16:02:41.484497] Compiling #unnamed sequence [log] at [/etc/syslog-ng/syslog-ng.conf:152:7]
>>>>>> [2016-04-21T16:02:41.484506] Compiling s_sys reference [source] at [/etc/syslog-ng/syslog-ng.conf:152:7]
>>>>>> [2016-04-21T16:02:41.484517] Compiling d_mongodb reference [destination] at [/etc/syslog-ng/syslog-ng.conf:152:22]
>>>>>> [2016-04-21T16:02:41.484873] Seeking the journal to the last cursor position; cursor='s=9383cb3eb8ee41eda3468d9841333aef;i=131c;b=0f07653f04794e14beeeebb18131926b;m=214f74fdf;t=530ff299a3a8e;x=d0f0c56745dc963a'
>>>>>> [2016-04-21T16:02:41.485562] Module loaded and initialized successfully; module='syslogformat'
>>>>>> [2016-04-21T16:02:41.485834] Error binding socket; addr='AF_INET(0.0.0.0:6514)', error='Address already in use (98)'
>>>>>> [2016-04-21T16:02:41.485874] Error initializing message pipeline;
>>>>>>
>>>>>>
>>>>>> On 04/21/2016 03:40 PM, Scot Needy wrote:
>>>>>>> kill -9 2411
>>>>>>>
>>>>>>>> On Apr 21, 2016, at 7:58 AM, Ivan Adji - Krstev < <mailto:akivanradix at gmail.com>akivanradix at gmail.com <mailto:akivanradix at gmail.com>> wrote:
>>>>>>>>
>>>>>>>> 2411
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ______________________________________________________________________________
>>>>>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>>>>>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>>>>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>>>>>>
>>>>>>
>>>>>> ______________________________________________________________________________
>>>>>> Member info: <https://lists.balabit.hu/mailman/listinfo/syslog-ng>https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>>>>> Documentation: <http://www.balabit.com/support/documentation/?product=syslog-ng>http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>>>>> FAQ: <http://www.balabit.com/wiki/syslog-ng-faq>http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>>>>>
>>>>>
>>>>>
>>>>> ______________________________________________________________________________
>>>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>>>> Documentation: <http://www.balabit.com/support/documentation/?product=syslog-ng>http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Bazsi
>>>>> ______________________________________________________________________________
>>>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>>>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>>>>
>>>>
>>>>
>>>>
>>>> ______________________________________________________________________________
>>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>>>
>>>
>>> ______________________________________________________________________________
>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>>
>>
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng>
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
>>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160422/f83b9efc/attachment-0001.htm
More information about the syslog-ng
mailing list