How to configure Syslog TLS settings in Ops Manager and BOSH Director

Article ID: 293691


Products

Operations Manager

Issue/Introduction

This article details how to configure Syslog TLS settings in Ops Manager and BOSH Director. Specifically, it covers what to enter as the Port number, Permitted Peer, and SSL Certificate, as well as how to confirm that they are the correct values.

Environment

Product Version: 2.8

Resolution

In either Ops Manager Settings or the BOSH Director Tile, go to the Syslog tab and ensure the following:

1. Select "Yes" in "Do you want to configure Syslog?"

2. Enter the FQDN of the remote log server in the "Address" field.

3. Enter the SSL port number of the remote log server in "Port". This should typically be "1514" if using Log Insight Server.

4. Select "TCP" as the "Transport Protocol".

5. For "Permitted Peer", use the CN value from the Subject of the server certificate. You can see the CN value by running the following command against the remote log server:
$ openssl s_client -connect logs.example.org:1514 -showcerts | grep subject
The above will work if the CN value is in the format of a hostname (e.g., logs.example.org). If the CN value has words with spaces between them (e.g., "My Log Insight"), then you can try to set this as "*" + <the last word> (e.g., "*Insight"). If the permitted peer matching fails, you will see errors in /var/log/syslog in the Ops Manager VM or BOSH Director VM.

6. For "SSL Certificate", this should be the PEM data of the CA that signed the server certificate, or the server certificate itself if it is self-signed. To confirm that you have the correct certificate, save the certificate PEM data into a file (e.g., myCA.pem), then run the following command and make sure that the "Verify return code" value is "0 (ok)".
$ openssl s_client -connect logs.example.org:1514 -showcerts -CAfile myCA.pem
For Ops Manager, saving the settings should take effect immediately (no need for Apply Changes). For BOSH Director, it will require an "Apply Changes" after you save the settings.

Check /var/log/syslog in the Ops Manager VM or BOSH Director VM for errors if logs are not getting through.
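
The checks from steps 5 and 6 can be combined into a few shell helpers. This is an added example, not part of the original article: the function names are hypothetical and the subject strings in the comments are constructed. It reads the CN from either the older "subject=/CN=..." or the newer "subject=CN = ..." openssl output layout, derives the Permitted Peer value using the rule from step 5, and confirms the verify return code from step 6.

```shell
#!/bin/sh
# Added example: helper functions for steps 5 and 6 (names are hypothetical).

# Print the CN found in an openssl "subject" line. Handles both layouts:
#   subject=/C=US/O=Example/CN=logs.example.org        (older openssl)
#   subject=C = US, O = Example, CN = My Log Insight   (newer openssl)
# Prints nothing if the line has no CN.
cn_from_subject() {
  printf '%s\n' "$1" | sed -n -E 's#^.*CN ?= ?([^,/]*).*$#\1#p'
}

# Apply the rule from step 5: a hostname-style CN is used as-is, a CN
# containing spaces becomes "*" followed by its last word.
permitted_peer_for_cn() {
  case "$1" in
    *' '*) printf '*%s\n' "${1##* }" ;;   # "My Log Insight" -> "*Insight"
    *)     printf '%s\n' "$1" ;;
  esac
}

# Connect once, then report the CN, the suggested Permitted Peer and the
# verification result. Succeeds only when the result is "0 (ok)".
# Usage: check_syslog_tls logs.example.org 1514 myCA.pem
check_syslog_tls() (
  # </dev/null makes s_client exit after the handshake instead of waiting
  # for input on the terminal.
  out=$(openssl s_client -connect "$1:$2" -CAfile "$3" </dev/null 2>/dev/null)
  subject=$(printf '%s\n' "$out" | grep -m1 '^subject')
  cn=$(cn_from_subject "$subject")
  echo "CN:             $cn"
  echo "Permitted Peer: $(permitted_peer_for_cn "$cn")"
  printf '%s\n' "$out" | grep 'Verify return code'
  printf '%s\n' "$out" | grep -q 'Verify return code: 0 (ok)'
)
```

Source the file on a workstation that can reach the log server, then call check_syslog_tls with the Address, Port and CA file you plan to enter in the Syslog tab.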