[rsyslog-notify] Forum Thread: Re: RSyslog not sending messages - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Sun Jan 25 05:27:48 CET 2015
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25199#p25199
Message:
----------
I can't easily troublehoot this, but I can say what roughly needs to
happen.
to troubleshoot from the network connection point of view:
You are going to need a wireshark dump of the entire connection from the
beginning negotiation.
You are going to need the cert used for the connection.
Then you should be able to have wireshark decrypt the session that it has
captured and show you the logging data and the GnuTLS negotiation.
At the point where the connection gets closed, there is something from
papertrail that confuses GnuTLS on your machine, and this triggers closing
the connection.
You may also want to get in contact with the GnuTLS folks and see what they
suggest in terms of getting GnuTLS to output more data about what's going
on (a debug flag for that library effectively). This may require
recompiling GnuTLS (and that may require that you recompile rsyslog against
the new library, hard to say)
I would also suggest posting on the rsyslog-users mailing list, saying that
you think we've diagnosed things down to a GnuTLS incompatibility between
your sender running rsyslog and the receiver being run by the other
company, asking for what you can do to get more detail on the problem (make
sure you include exact library versions as part of this post) and hopefully
one of the folks with more experience troubleshooting GnuTLS issues can
suggest something to try.
More information about the rsyslog-notify
mailing list