Troubleshooting Installs
Easy Troubleshooting Page for Agent Install Failures.
Last updated
Easy Troubleshooting Page for Agent Install Failures.
Last updated
BluLogShipper Install Errors
#1. Error: TLS Verification Error (Resolved)
If you encounter the above "TLS Verification Error", it is often associated with the below causes:
Cause: The System is not up-to-date on patches OR it hasn't been patched in a very long time. This results in the system not having updated TLS root certificates in its certificate authority store.
Resolution 1: Please update your system to the latest updates available.
Resolution 2: If TLS issue is not resolved. Here are the steps to fix it:
Open the following link in a browser:
Copy the key.
Save it as a .pem
file on your system.
Move the .pem
file to the conf folder.
Edit the fluent-bit
configuration.
Add the following script to the output section: tls: on tls.verify: true tls.ca_file: <path of the .pem file>/.pem
Ensure that the path uses forward slashes (/
).
Then restart the service now
Cause: Your systems is out of support and is no longer supported by the vendor.
Resolution: Please upgrade to the latest version of the Operating System (OS) at the earliest. This is considered a severe risk by CSCRF. When your operating system is out of support, security patches are no longer provided by the vendor. Hence, this qualifies as a severe risk and shall be represented as such to the exchange.
Cause: Your system Date and time are not synchronised to a radio clock / time server on the internet and/or is not up to date.
Resolution: Good security practices require that your system should always be in sync with network time servers. There are many reliable time servers on the internet. Please ensure your system is synced.
Cause: TLS version mismatch.
Resolution: This again happens if you system is out of support by the vendor and/or not updated in a long time. TLS 1.3 has been a standard for over at least 3yrs now. Please upgrade.
Cause: This issue typically arises on older versions of Windows (2016 or older). The root cause is a character set mismatch in Fluent Bit, which defaults to Unicode, while older versions of Windows use ANSI.
Resolution:
Update the Use_ANSI
flag in every input section to True
.
Restart the service.
Cause: Fluent Bit is unable to find the log locations for Windows Defender Operational logs.
Resolution:
Remove the input log source for Windows Defender Operational logs.
This is a temporary solution that allows the service to work with limited input.
Cause: This issue is caused by an unsupported version of the GNU C Library (GLIBC) for C library-based applications.
Resolution:
BluLogShipper supports systems with GLIBC version 2.27 or higher.
If the customer needs an older version, refer to the BluLogShipper build documentation and build it in an environment with the required or older GLIBC version.
Cause:
This error occurs when the installer is launched from a file path other than the "C:" drive on Windows. The installer is unable to copy configuration and credential files from another drive to C:\Program Files\BluLogShipper\conf
, causing the installation to terminate.
Resolution:
Install BluLogShipper from a child directory of the C:\
drive.
Cause: For some clients, the DNS server is set by the service provider, which can lead to errors. Please check your local DNS resolution.
Resolution:
If you do not receive any support from your local DNS provider (usually your ISP), then try changing the DNS server address to a public secure DNS server like below:
8.8.8.8
8.8.4.4
Fast, globally distributed, minimal logging
Cloudflare
1.1.1.1
1.0.0.1
Privacy-focused, no logging, fast
Quad9
9.9.9.9
149.112.112.112
Security-first: blocks malicious domains
OpenDNS
208.67.222.222
208.67.220.220
Offers filtering and parental control
.
Carefully verify the DNS configuration to resolve these issues.