- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-13-2024 10:43 PM - edited 02-14-2024 06:54 PM
Hi
we encounter issue show as below:
Syslog SSL error while writing stream; tls_error=\'SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure\'. location=\'/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3\
found in syslog-ng.log as below:
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection established; fd='32', server='AF_INET(10.xx.xx.xx.xxx', local='AF_INET(0.0.0.0:0)'
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: SSL error while writing stream; tls_error='SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure', location='/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3'
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: I/O error occurred while writing; fd='32', error='Broken pipe (32)'
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection broken; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', time_reopen='10'
syslog-ng.log
2024-02-14 07:30:38
Feb 14 07:30:38 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection failed; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', error='Connection refused (111)', time_reopen='10'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection established; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', local='AF_INET(0.0.0.0:0)'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: SSL error while writing stream; tls_error='SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure', location='/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: I/O error occurred while writing; fd='32', error='Broken pipe (32)'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection broken; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', time_reopen='10'
syslog-ng.log
2024-02-14 07:30:48
Feb 14 07:30:48 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection failed; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', error='Connection refused (111)', time_reopen='10'
please advise if there is issue with panorama.
Thank you
04-14-2024 09:34 PM
Here the TAC investigation and solution as below
we have confirmed the synchronization issue has been resolved by restarting the mgmt-server. After the daemon restart, the 'Syslog SSL error while writing stream' error still persists. We can confirm this is not the cause of the synchronization issue but regarding the syslog connection itself.
'Syslog connection failed; fd='32', server='AF_INET(10.48.3.201:1511)', error='Connection refused (111)', time_reopen='10''
From the log, this error is indicating the syslog server is refusing the connection
you may try to do a restart mgmt-server
thank you
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!