Support for Nagios products and services
https://support.nagios.com/forum/
Code: Select all
DAEMON_OPTS="agent -f ${LS_CONF_DIR} -l ${LS_LOG_FILE} ${LS_OPTS}"Code: Select all
DAEMON_OPTS="agent -f ${LS_CONF_DIR} -l ${LS_LOG_FILE} ${LS_OPTS} --debug"Code: Select all
systemctl daemon-reload
service logstash restart
I've configured nagios syslog server as the CA. I followed the "Sending syslog With SSL/TLS" nagios documentation. Code: Select all
{:timestamp=>"2020-05-21T13:27:50.820000-0700", :message=>"SSL Error", :exception=>#<OpenSSL::SSL::SSLError: Received fatal alert: unknown_ca>, :backtrace=>["org/jruby/ext/openssl/SSLSocket.java:272:in `accept'", "/usr/local/nagioslogserver/logstash/vendor/jruby/lib/ruby/shared/jopenssl19/openssl/ssl-internal.rb:106:in `accept'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-3.0.6/lib/logstash/inputs/tcp.rb:112:in `run_server'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-3.0.6/lib/logstash/inputs/tcp.rb:84:in `run'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/pipeline.rb:342:in `inputworker'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/pipeline.rb:336:in `start_input'"], :level=>:debug, :file=>"logstash/inputs/tcp.rb", :line=>"117", :method=>"run_server"}Code: Select all
{:timestamp=>"2020-05-27T17:13:04.723000-0700", :message=>"SSL Error", :exception=>#<OpenSSL::SSL::SSLError: Received fatal alert: decrypt_error>, :backtrace=>["org/jruby/ext/openssl/SSLSocket.java:272:in `accept'", "/usr/local/nagioslogserver/logstash/vendor/jruby/lib/ruby/shared/jopenssl19/openssl/ssl-internal.rb:106:in `accept'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-3.0.6/lib/logstash/inputs/tcp.rb:112:in `run_server'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-input-tcp-3.0.6/lib/logstash/inputs/tcp.rb:84:in `run'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/pipeline.rb:342:in `inputworker'", "/usr/local/nagioslogserver/logstash/vendor/bundle/jruby/1.9/gems/logstash-core-2.4.1-java/lib/logstash/pipeline.rb:336:in `start_input'"], :level=>:debug, :file=>"logstash/inputs/tcp.rb", :line=>"117", :method=>"run_server"}Code: Select all
yum -y install tcpdump
tcpdump -s 0 -i any host w.x.y.z -w output.pcap