Get "Remote Syslog Security Host" Logs from HPE Primera 600

Hello Guys I have a small problem. I want to monitor the HPE Primera 600 Storage.
Primera gives 2 types of logs. Security and non Security.

  • non Security need a UDP conection.
  • security need a TCP and TLS connection

I don’t know how to start. I deployed a Input (Syslog TCP) in the edit mask of the input i enabled TLS and put in the paths to the Graylog public and private key.
TLS is active in the server.conf of Graylog-Server.

In the Primera i put in

XXX cli% setsys RemoteSyslogSecurityHost

I can see that messages appear, but when I open the input in Graylog, the messages are not displayed.

When i start an Input (RAW TCP) on that port messages are displayed but only test messages from the system.

What else needs to be implemented? Where did I make a mistake?


Is the certificate self signed, and does the HPE support untrusted certs?

1 Like

I have an Idea. Is it possible that the cert have not the right key_usage?
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth

It is a trusted cert and the root CA is trusted from the Primera

When you say you only see test messages on the raw input do you mean the mesaages that are sent to verify the setup (a test button on the setup page etc)

What do you mean by “I can see that messages appear”, where are you seeing this?

1 Like

the counter for total I/O goes up and connections are listed

I created a short RAW TCP test input on that port and DONT enabled TCP.

I have deployed the Input!

generate cert on the Primera for Syslog Client.

cli% createcert syslog-sec-client -csr -CN -SAN,IP:

(name and IP are not real and have to be edited)

Install Ca-cert-Bundl

cli% importcert syslog-sec-client -ca stdin

CA-certified CERT import

cli% importcert syslog-sec-client stdi

Configuration for Remote Syslog Servers

cli% setsys RemoteSyslogSecurityHost 

Start Service

cli% setsys RemoteSyslog 1 


Deploy of Input Syslog TCP

TLS cert file:
/path/to/graylog TLS cert

TLS privat key:
/path/to/graylog TLS key

:ballot_box_with_check: Enable TLS

TLS client authentication

TLS Client Auth Trustet Certs
/path/to/Primera TLS genareted cert

You have to copy the generated cert from the Primera to your Graylog.
chown: graylog:graylog
chmod: 640


This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.