in Linux

[linux/ubuntu] How to suppress useless mod_openssl/lighttpd error messages from appearing in /var/log/syslog

Sometimes you have a bunch of useless errors creating unnecessary disk I/O on your server, disk I/O that should be used towards serving your user’s requests efficiently.

In this case a site running on lighttpd keeps logging several times per second the following message, creating too much noise and making it hard to see meaningful things I should pay attention to could appear on /var/log/syslog.

Aug  7 19:36:03 ip-172-30-1-251 lighttpd[287019]: message repeated 44 times: [ 2020-08-07 19:36:02: (mod_openssl.c.1796) SSL: 1 error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol]

I tried disabling syslog error messages for SSL, and all syslog output on the lighttpd configuration to no avail. Good thing you can configure rsyslog in Linux to do amazing things with log messages before they make it into the log.

To silence this message, all I had to do was edit an rsyslog config file to filter out my undesired message, and restart the service (no need to restart your host os)

  1. Edited /etc/rsyslog.d/50-default.conf before any mention of /var/log/syslog, to have the following condition (ideally at the top of the config file):

[pastacode lang=”bash” manual=”if%20%24msg%20contains%20’tls_early_post_process_client_hello’%20then%20stop” message=”” highlight=”” provider=”manual”/]

  1. Restarted the rsyslog service, no more noise on /var/log/syslog
     sudo service rsyslog restart

Write a Comment

Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.