• Configuring LI-TLS syslog from the CLI is successful
• The syslog configuration reverts to the previous configuration within a short period (4 hours)
• /var/log/loginsight-agent/liagent_YYYY_MM_DD.log shows messages like:
  
   <trace> ConfigMonitor:132  | File change detected for "/var/lib/loginsight-agent/liagent.ini"
<trace> AgentDaemon:330    | There's no config received from the server
<trace> Config:138         | Reading configuration from: /var/lib/loginsight-agent/liagent.ini
<trace> Config:351         | Configuration key [server].central_config is not specified. Using default: yes
<trace> Config:109         | The current effective configuration is dumped into file /var/lib/loginsight-agent/liagent-effective.ini
  
  
• The changed syslog matches the syslog configuration in (run against one of the NSX Managers: 
  GET /api/v1/configs/central-config/node-config-profiles/00000000-0000-0000-0000-000000000001
  • • Example syslog section:
      "syslog":
{
"exporters": []
},

This occurs because of an active Node Profile applied to the managers that contains a syslog section that does not match the configuration made at the CLI.

• Use the API call below against one of the NSX Manager IPs to GET the current Node Profile applied to the NSX node:
  GET /api/v1/configs/central-config/node-config-profiles/00000000-0000-0000-0000-000000000001
• Edit the response block to remove the syslog section and use this command to PUT the newly reconfigured Node Profile.  (This only needs to be run against a single NSX Manager)
  PUT /api/v1/configs/central-config/node-config-profiles/00000000-0000-0000-0000-000000000001