Sending TLS Syslog over from Trellix ePO to NXLOG CE


#1 blackwat3rr

Hello, I'm having trouble forwarding Logs from my ePO instance to nxlog. ePO will say Syslog connection success under test connection, however, nxlog.log will say “Error Module ssl coulden't read the input; invalid header received by Syslog_TLS input reader, input is not RFC 5425 compliant.” It seems like nxlog is having trouble decrypting due to maybe a certificate issue but im not sure. Any help would be greatly appreciated. 

#2 gahorvath Nxlog ✓

Hello!

Would you please share your configuration and the nxlog.log file?

Thanks!