Thanks Ralf. I will open a case as advice.
Original Message:
Sent: Sep 21, 2023 12:13 PM
From: Ralf Prigl
Subject: Syslog configuration
Hi Atifah, You are at a version that should have the known problems fixed. If you can't get past your problem, please open a case with PAM Support.
Original Message:
Sent: Sep 20, 2023 10:39 PM
From: Atifah Abdul Latif
Subject: Syslog configuration
Hi Ralf,
Its version 4.1.3.119
-Atifah
Original Message:
Sent: Sep 20, 2023 10:55 AM
From: Ralf Prigl
Subject: Syslog configuration
What PAM release are you running right now? There was a problem prior to 4.1.3, where the service handling the syslog message could not be running, see the following item on page Resolved Issues in 4.1.3:
33391034 DE561500 Logstash container is not started when PAM is rebooted without shutting down Cluster.
Original Message:
Sent: Sep 20, 2023 03:39 AM
From: Atifah Abdul Latif
Subject: Syslog configuration
Hi Ralf,
Yes, I couldn't see any logs from the syslog server. Even checking with network team, they verify no traffic sent out from PAM to the syslog server. We did follow this document when configure it on PAM.
Thanks,
Atifah
Original Message:
Sent: Sep 18, 2023 12:51 PM
From: Ralf Prigl
Subject: Syslog configuration
Atifah, Did you check the log because you don't see messages from PAM on your syslog server? If you go to another page, come back to the syslog server configuration page, and see the configuration you entered previously, it implies that the configuration was saved successfully. Possibly a double-click could cause such a message. Anyway, what counts is whether or not PAM sends messages to the configured syslog server.
Original Message:
Sent: Sep 18, 2023 06:45 AM
From: Atifah Abdul Latif
Subject: Syslog configuration
Hi All,
We just configured syslog on PAM. When we go through the tomcat log, we found below log message:
2023-09-11T09:13:14.386+0000 SEVERE [TP2] com.ca.pam.rest.LogsConfigService.saveSysLogConfig Call to Gatekeeper service controller failed: com.ca.pam.rest.NDGRestException: PAM-CM-0180: Server on ...: port 515 already exists.
Does it mean our setup has failed?
Thanks,
Atifah