Yes. But what functionality with TLS is or is not working? Input? Output?
*I have a client running rsyslogd , sending syslogs to server. I am using syslog() to send syslogs.When I run version 8.2108 with TLS , I see the messages sent from client on wireshark (snapshot attched). But If I enable debug I do not see anything on Wireshark going out from client side, * What's your config? *Attached are the configs from cleint and server.* What are the symptoms of "not working"? Does your side terminate the TLS connection with some error? Does the other side terminate it? *I think the client does not start the connection. * Does it work again if you downgrade the rsyslog back to 8.2108? *Yes If I downgrade to 8.2108 , rsyslogd with TLS is working (NO Debug enabled)* On Mon, Jun 20, 2022 at 11:06 AM Mariusz Kruk via rsyslog < rsyslog@lists.adiscon.com> wrote: > Yes. But what functionality with TLS is or is not working? Input? Output? > > What's your config? > > What are the symptoms of "not working"? Does your side terminate the TLS > connection with some error? Does the other side terminate it? > > Did you try tcpdumping the TLS connection? > > Does it work again if you downgrade the rsyslog back to 8.2108? > > On 20.06.2022 16:59, Abhinav Bhatia wrote: > > Hi Mariusz, > > > > Thank you for quick reply, > > > > *Version* > > > > > > > > *No TLS* > > > > > > > > *TLS with Debug enabled* > > > > > > > > *TLS with debug disabled* > > > > 8.2108.0 > > > > > > > > Working > > > > > > > > Not Working > > > > > > > > Working > > > > 8.2204.0 > > > > > > > > Working > > > > > > > > Not Working > > > > > > > > Not Working > > > > Logs I shared with you were of version 8.2108.0 , TLS with Debug enabled. > > > > > > Thank you, > > > > > > On Mon, Jun 20, 2022 at 10:38 AM Mariusz Kruk via rsyslog > > <rsyslog@lists.adiscon.com> wrote: > > > > OK. But _what_ is working or not working? Because quick glance > > over the > > the debug file you attached doesn't show anything TLS-related. > > > > Or even any other input module other than imuxsock or imklog. So > > maybe > > it's that your omfwd action is supposed to be TLS-enabled. But we > > don't > > see any streamdriver config in this debug. > > > > On 20.06.2022 16:27, Abhinav Bhatia via rsyslog wrote: > > > Hi , > > > > > > I was using rsyslogd (version 8.2108.0.master) with TLS which > > was working > > > fine. Then I upgraded to 8.2204.0.master and syslog with TLS > stopped > > > working, over UDP works fine. > > > > > > Along with rsyslod I upgraded the curl 7.79.0-DEV to 7.83.1-DEV > > , and > > > Nettle from 3.1.1 to 3.7.1. > > > > > > To debug the issue I enabled the logs with version 8.2108.0 via > > > rsyslog.conf. Issue is when I enable logs I do not see any TLS > > data sent to > > > the server (attached logs). however if I do not enable debug in > > conf file > > > it works fine. > > > > > > Below are the lines added for debugging is syslog.conf: > > > > > > $DebugFile /var/log/rsyslog.debug > > > $DebugLevel 2 > > > > > > Thank you ! > > > > > > _______________________________________________ > > > rsyslog mailing list > > > https://lists.adiscon.net/mailman/listinfo/rsyslog > > > http://www.rsyslog.com/professional-services/ > > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by > > a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO > > NOT POST if you DON'T LIKE THAT. > > _______________________________________________ > > rsyslog mailing list > > https://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > > myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT > > POST if you DON'T LIKE THAT. > > > _______________________________________________ > rsyslog mailing list > https://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT.
client_rsyslog.conf
Description: Binary data
server_rsyslog.conf
Description: Binary data
_______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
