After configuring syslog-ng PE, test if everything works as expected.
To test the configuration
On the client side, enter the following command:
logger "This is a test message"
On the server side, tail the file, where logs from the network are arriving. You should see something similar in case of the above test message:
tail -f /var/log/messages | grep test
Jun 26 19:12:06 172.16.177.129 root: This is a test message
If you cannot see it, check the log file, where the internal messages of syslog-ng are stored, both on the server and the client side. The most common causes of the problem are the following:
There is no trace of connection at all (internal logs show connection attempts), there is a network / firewall problem, or incorrectly configured destination or listening IP.
With new certificates an incorrectly configured clock can already cause problems. Check if all of your systems have the same time / time zone.
Make sure, that the Common Name is set to the correct FQDN or IP address. If you use FQDN, make sure, that your DNS server works correctly.
Do not include an email address in the client and server certificates.
For more information about TLS-related error messages, see "Error messages" in the Administration Guide.
This tutorial has shown you how to encrypt and authenticate the connection between your clients and your logserver.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz