Thanks for the hit @harsmarvania57 As per suggestion I have updated the version and also manage the config according to new version, but again I am getting same kind of error. update env_file. [root@hostname ~]# cat /opt/sc4s/env_file
SC4S_DEST_SPLUNK_HEC_DEFAULT_URL=https://http-singh-sudhir.splunkcloud.com:443
SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN=Z93TSS87-F826-19V1-01W1-Q9Q8G1G8264
#Uncomment the following line if using untrusted SSL certificates
#SC4S_DEST_SPLUNK_HEC_DEFAULT_TLS_VERIFY=no
SC4S_DEST_GLOBAL_ALTERNATES=d_hec_debug podman logs SC4S [root@hostname sc4s]# podman logs SC4S
curl: (7) Failed to connect to http-singh-sudhir.splunkcloud.com port 443: Connection timed out
SC4S_ENV_CHECK_HEC: Invalid Splunk HEC URL, invalid token, or other HEC connectivity issue index=main. sourcetype=sc4s:fallback
Startup will continue to prevent data loss if this is a transient failure.
syslog-ng checking config
sc4s version=1.86.4
starting goss
starting syslog-ng
Aug 16 16:07:35.327 hostname syslog-ng[166]: syslog-ng starting up; version='3.32.1'
Aug 16 16:07:36.700 hostname syslog-ng[166]: curl: error sending HTTP request; url='http-singh-sudhir.splunkcloud.com:443/services/collector/event', error='Couldn\'t connect to server', worker_index='2', driver='d_hec_fmt#0', location='root generator dest_hec:5:5'
Aug 16 16:07:36.700 hostname syslog-ng[166]: curl: error sending HTTP request; url='http-singh-sudhir.splunkcloud.com:443/services/collector/event', error='Couldn\'t connect to server', worker_index='3', driver='d_hec_fmt#0', location='root generator dest_hec:5:5'
Aug 16 16:07:36.700 hostname syslog-ng[166]: Server disconnected while preparing messages for sending, trying again; driver='d_hec_fmt#0', location='root generator dest_hec:5:5', worker_index='2', time_reopen='10', batch_size='198'
Aug 16 16:07:36.700 hostname syslog-ng[166]: Server disconnected while preparing messages for sending, trying again; driver='d_hec_fmt#0', location='root generator dest_hec:5:5', worker_index='3', time_reopen='10', batch_size='198' Log from Debug file - [root@hostname sc4s_events]# cat 2021-08-16-hec.log
curl -k -u "sc4s HEC debug:$SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN" "https://http-singh-sudhir.splunkcloud.com:443/services/collector/event" -d '{"time":"1629130055.327","sourcetype":"sc4s:events","source":"sc4s","index":"main","host":"sudhir4321","fields":{"sc4s_vendor_product":"sc4s_events","sc4s_syslog_facility":"syslog","sc4s_loghost":"sudhir4321","sc4s_container":"sudhir4321"},"event":"2021-08-16T16:07:35.327+00:00 sudhir4321 syslog-ng 166 - [meta sequenceId=\"1\"] syslog-ng starting up; version='3.32.1'"}'
curl -k -u "sc4s HEC debug:$SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN" "https://http-singh-sudhir.splunkcloud.com:443/services/collector/event" -d '{"time":"1629130056.401","sourcetype":"sc4s:events:startup:out","source":"sc4s","index":"main","host":"sudhir4321","fields":{"sc4s_vendor_product":"sc4s_events","sc4s_syslog_facility":"user","sc4s_loghost":"sudhir4321","sc4s_container":"sudhir4321"},"event":"syslog-ng-config: sc4s version=1.86.4"}'
curl -k -u "sc4s HEC debug:$SC4S_DEST_SPLUNK_HEC_DEFAULT_TOKEN" "https://http-singh-sudhir.splunkcloud.com:443/services/collector/event" -d '{"time":"1629130056.700","sourcetype":"sc4s:events","source":"sc4s","index":"main","host":"sudhir4321","fields":{"sc4s_vendor_product":"sc4s_events","sc4s_syslog_facility":"syslog","sc4s_loghost":"sudhir4321","sc4s_container":"sudhir4321"},"event":"2021-08-16T16:07:36.700+00:00 sudhir4321 syslog-ng 166 - [meta sequenceId=\"3\"] curl: error sending HTTP request; url='https://http-singh-sudhir.splunkcloud.com:443/services/collector/event', error='Couldn\\'t connect to server', worker_index='2', driver='d_hec_fmt#0', location='root generator dest_hec:5:5'"}' What could be the issue now, can you please help me to understand.
... View more