We just configured syslog on PAM. When we go through the tomcat log, we found below log message:
2023-09-11T09:13:14.386+0000 SEVERE [TP2] com.ca.pam.rest.LogsConfigService.saveSysLogConfig Call to Gatekeeper service controller failed: com.ca.pam.rest.NDGRestException: PAM-CM-0180: Server on ...: port 515 already exists.
Does it mean our setup has failed?
Atifah, Did you check the log because you don't see messages from PAM on your syslog server? If you go to another page, come back to the syslog server configuration page, and see the configuration you entered previously, it implies that the configuration was saved successfully. Possibly a double-click could cause such a message. Anyway, what counts is whether or not PAM sends messages to the configured syslog server.
Yes, I couldn't see any logs from the syslog server. Even checking with network team, they verify no traffic sent out from PAM to the syslog server. We did follow this document when configure it on PAM.
What PAM release are you running right now? There was a problem prior to 4.1.3, where the service handling the syslog message could not be running, see the following item on page Resolved Issues in 4.1.3:
33391034 DE561500 Logstash container is not started when PAM is rebooted without shutting down Cluster.
Its version 184.108.40.206
Hi Atifah, You are at a version that should have the known problems fixed. If you can't get past your problem, please open a case with PAM Support.
Thanks Ralf. I will open a case as advice.