Panorama Syslog SSL error while writing stream

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Panorama Syslog SSL error while writing stream

L3 Networker

Hi 

 

we encounter issue show as below:

 

Syslog  SSL error while writing stream; tls_error=\'SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure\'. location=\'/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3\

 

found in syslog-ng.log as below:

 

syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection established; fd='32', server='AF_INET(10.xx.xx.xx.xxx', local='AF_INET(0.0.0.0:0)'
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: SSL error while writing stream; tls_error='SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure', location='/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3'
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: I/O error occurred while writing; fd='32', error='Broken pipe (32)'
syslog-ng.log
2024-02-14 07:30:33
Feb 14 07:30:33 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection broken; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', time_reopen='10'
syslog-ng.log
2024-02-14 07:30:38
Feb 14 07:30:38 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection failed; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', error='Connection refused (111)', time_reopen='10'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection established; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', local='AF_INET(0.0.0.0:0)'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: SSL error while writing stream; tls_error='SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure', location='/opt/pancfg/mgmt/syslogng/pan_sysng.cfg:68:3'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: I/O error occurred while writing; fd='32', error='Broken pipe (32)'
syslog-ng.log
2024-02-14 07:30:43
Feb 14 07:30:43 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection broken; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', time_reopen='10'
syslog-ng.log
2024-02-14 07:30:48
Feb 14 07:30:48 DC1-L4-R25-EXT-PA01 syslog-ng[12083]: Syslog connection failed; fd='32', server='AF_INET(10.xx.xx.xx.xxx)', error='Connection refused (111)', time_reopen='10'

 

please advise if there is issue with panorama.

 

Thank you

2 REPLIES 2

L0 Member

Hi,

 

Did you ever find a resolution for this issue? Encountering the same setting up an SSL syslog. 

 

Thanks

L3 Networker

Here the TAC investigation and solution as below

 

we have confirmed the synchronization issue has been resolved by restarting the mgmt-server. After the daemon restart, the 'Syslog SSL error while writing stream' error still persists. We can confirm this is not the cause of the synchronization issue but regarding the syslog connection itself.
'Syslog connection failed; fd='32', server='AF_INET(10.48.3.201:1511)', error='Connection refused (111)', time_reopen='10''
From the log, this error is indicating the syslog server is refusing the connection

 

you may try to do a restart mgmt-server

 

thank you

 

 

  • 1442 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!