syslog-ng (v 3.15.1) 无法侦听标准 TCP 或 UDP(但可以通过 TLS 侦听)
syslog-ng (v 3.15.1) unable to listen on standard TCP or UDP (but can listen over TLS)
绞尽脑汁想想我可能在这里遗漏了什么...我升级到版本 3.15.1 并且无法在 TCP 或 UDP 上侦听。奇怪的是,我能够监听 TCP 并通过 TLS 进行通信。我已经阅读并重新阅读了手册 (https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-sources-network.html)。 运行 在 CentOS 7 上。
这是我配置的相关部分:
...
# never listens and have tried using udp() and tcp() sources as
# well as breaking each out to their individual source defs
source s_net {
network(ip(0.0.0.0) port(6514) transport("tcp"));
network(ip(0.0.0.0) port(514) transport("udp"));
};
# works perfectly
source s_net_tls {
network(
ip(0.0.0.0)
port(22514)
transport("tls")
tls(
key-file('/path/to/foo.key')
cert-file('/path/to/foo.pem')
peer-verify(optional-untrusted)
ssl-options(no-sslv2, no-sslv3, no-tlsv1)
)
);
};
...
netstat 的输出:
$ netstat -tulna | grep -e 514 -e 6514 -e 22514
tcp 0 0 0.0.0.0:22514 0.0.0.0:* LISTEN
$
这是标准输出:
$ sudo syslog-ng -Fedv; syslog-ng-ctl verbose --set=on && syslog-ng-ctl trace --set=on && syslog-ng-ctl debug --set=on
... [ OMITTING UNNECESSARY LINES ] ...
[2018-06-23T20:46:47.406200] Reading shared object for a candidate module; path='/usr/local/lib/syslog-ng', fname='libafsocket.so', module='afsocket'
[2018-06-23T20:46:47.406363] Registering candidate plugin; module='afsocket', context='source', name='unix-stream'
[2018-06-23T20:46:47.406371] Registering candidate plugin; module='afsocket', context='destination', name='unix-stream'
[2018-06-23T20:46:47.406375] Registering candidate plugin; module='afsocket', context='source', name='unix-dgram'
[2018-06-23T20:46:47.406421] Registering candidate plugin; module='afsocket', context='destination', name='unix-dgram'
[2018-06-23T20:46:47.406427] Registering candidate plugin; module='afsocket', context='source', name='tcp'
[2018-06-23T20:46:47.406432] Registering candidate plugin; module='afsocket', context='destination', name='tcp'
[2018-06-23T20:46:47.406440] Registering candidate plugin; module='afsocket', context='source', name='tcp6'
[2018-06-23T20:46:47.406444] Registering candidate plugin; module='afsocket', context='destination', name='tcp6'
[2018-06-23T20:46:47.406448] Registering candidate plugin; module='afsocket', context='source', name='udp'
[2018-06-23T20:46:47.406452] Registering candidate plugin; module='afsocket', context='destination', name='udp'
[2018-06-23T20:46:47.406456] Registering candidate plugin; module='afsocket', context='source', name='udp6'
[2018-06-23T20:46:47.406460] Registering candidate plugin; module='afsocket', context='destination', name='udp6'
[2018-06-23T20:46:47.406464] Registering candidate plugin; module='afsocket', context='source', name='syslog'
[2018-06-23T20:46:47.406468] Registering candidate plugin; module='afsocket', context='destination', name='syslog'
[2018-06-23T20:46:47.406474] Registering candidate plugin; module='afsocket', context='source', name='network'
[2018-06-23T20:46:47.406478] Registering candidate plugin; module='afsocket', context='destination', name='network'
[2018-06-23T20:46:47.406482] Registering candidate plugin; module='afsocket', context='source', name='systemd-syslog'
... [ OMITTING UNNECESSARY LINES ] ...
[2018-06-23T20:46:47.409282] Registering candidate plugin; module='basicfuncs', context='template-func', name='ipv4-to-int'
... [ OMITTING UNNECESSARY LINES ] ...
**[2018-06-23T20:46:47.438730] Accepting connections; addr='AF_INET(0.0.0.0:22514)'**
[2018-06-23T20:46:47.439056] Module loaded and initialized successfully; module='linux-kmsg-format'
[2018-06-23T20:46:47.439307] Running application hooks; hook='1'
[2018-06-23T20:46:47.439315] Running application hooks; hook='3'
[2018-06-23T20:46:47.439328] syslog-ng starting up; version='3.15.1'
我不是 syslog-ng 的新手,希望它是我忽略的简单东西 - 希望更多的人发现我遗漏的东西。
问题是虽然我定义了源驱动程序,但我忽略了它没有在定义的日志路径中被引用。我一直在太多的配置中来回跳动,不知何故错过了为输入源创建引用。现在可以使用了。
...
log {
source(s_net);
...
}
netstat 的输出:
$ netstat -tulna | grep -e 514 -e 6514 -e 22514
tcp 0 0 0.0.0.0:22514 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6514 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:514 0.0.0.0:*
$
绞尽脑汁想想我可能在这里遗漏了什么...我升级到版本 3.15.1 并且无法在 TCP 或 UDP 上侦听。奇怪的是,我能够监听 TCP 并通过 TLS 进行通信。我已经阅读并重新阅读了手册 (https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-sources-network.html)。 运行 在 CentOS 7 上。
这是我配置的相关部分:
...
# never listens and have tried using udp() and tcp() sources as
# well as breaking each out to their individual source defs
source s_net {
network(ip(0.0.0.0) port(6514) transport("tcp"));
network(ip(0.0.0.0) port(514) transport("udp"));
};
# works perfectly
source s_net_tls {
network(
ip(0.0.0.0)
port(22514)
transport("tls")
tls(
key-file('/path/to/foo.key')
cert-file('/path/to/foo.pem')
peer-verify(optional-untrusted)
ssl-options(no-sslv2, no-sslv3, no-tlsv1)
)
);
};
...
netstat 的输出:
$ netstat -tulna | grep -e 514 -e 6514 -e 22514
tcp 0 0 0.0.0.0:22514 0.0.0.0:* LISTEN
$
这是标准输出:
$ sudo syslog-ng -Fedv; syslog-ng-ctl verbose --set=on && syslog-ng-ctl trace --set=on && syslog-ng-ctl debug --set=on
... [ OMITTING UNNECESSARY LINES ] ...
[2018-06-23T20:46:47.406200] Reading shared object for a candidate module; path='/usr/local/lib/syslog-ng', fname='libafsocket.so', module='afsocket'
[2018-06-23T20:46:47.406363] Registering candidate plugin; module='afsocket', context='source', name='unix-stream'
[2018-06-23T20:46:47.406371] Registering candidate plugin; module='afsocket', context='destination', name='unix-stream'
[2018-06-23T20:46:47.406375] Registering candidate plugin; module='afsocket', context='source', name='unix-dgram'
[2018-06-23T20:46:47.406421] Registering candidate plugin; module='afsocket', context='destination', name='unix-dgram'
[2018-06-23T20:46:47.406427] Registering candidate plugin; module='afsocket', context='source', name='tcp'
[2018-06-23T20:46:47.406432] Registering candidate plugin; module='afsocket', context='destination', name='tcp'
[2018-06-23T20:46:47.406440] Registering candidate plugin; module='afsocket', context='source', name='tcp6'
[2018-06-23T20:46:47.406444] Registering candidate plugin; module='afsocket', context='destination', name='tcp6'
[2018-06-23T20:46:47.406448] Registering candidate plugin; module='afsocket', context='source', name='udp'
[2018-06-23T20:46:47.406452] Registering candidate plugin; module='afsocket', context='destination', name='udp'
[2018-06-23T20:46:47.406456] Registering candidate plugin; module='afsocket', context='source', name='udp6'
[2018-06-23T20:46:47.406460] Registering candidate plugin; module='afsocket', context='destination', name='udp6'
[2018-06-23T20:46:47.406464] Registering candidate plugin; module='afsocket', context='source', name='syslog'
[2018-06-23T20:46:47.406468] Registering candidate plugin; module='afsocket', context='destination', name='syslog'
[2018-06-23T20:46:47.406474] Registering candidate plugin; module='afsocket', context='source', name='network'
[2018-06-23T20:46:47.406478] Registering candidate plugin; module='afsocket', context='destination', name='network'
[2018-06-23T20:46:47.406482] Registering candidate plugin; module='afsocket', context='source', name='systemd-syslog'
... [ OMITTING UNNECESSARY LINES ] ...
[2018-06-23T20:46:47.409282] Registering candidate plugin; module='basicfuncs', context='template-func', name='ipv4-to-int'
... [ OMITTING UNNECESSARY LINES ] ...
**[2018-06-23T20:46:47.438730] Accepting connections; addr='AF_INET(0.0.0.0:22514)'**
[2018-06-23T20:46:47.439056] Module loaded and initialized successfully; module='linux-kmsg-format'
[2018-06-23T20:46:47.439307] Running application hooks; hook='1'
[2018-06-23T20:46:47.439315] Running application hooks; hook='3'
[2018-06-23T20:46:47.439328] syslog-ng starting up; version='3.15.1'
我不是 syslog-ng 的新手,希望它是我忽略的简单东西 - 希望更多的人发现我遗漏的东西。
问题是虽然我定义了源驱动程序,但我忽略了它没有在定义的日志路径中被引用。我一直在太多的配置中来回跳动,不知何故错过了为输入源创建引用。现在可以使用了。
...
log {
source(s_net);
...
}
netstat 的输出:
$ netstat -tulna | grep -e 514 -e 6514 -e 22514
tcp 0 0 0.0.0.0:22514 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:6514 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:514 0.0.0.0:*
$