NXLog CE failing to connect to our SIEM sensor (syslog server)

lordtsmc842

Hello there,

I am experiencing the same reconnection issues on some VMs (Windows Server 2016 10.0.14393), but NXLog connects successfully to our SIEM syslog sensor over port 601 from other VMs.

When I run the netstat command on the affected servers, I see an “ESTABLISHED” connection between the server and the sensor (syslog server). The Windows firewall is disabled on all our servers.

From the syslog server, there's a trace of successful packet exchange between the servers and the sensor. But I cannot see the Windows events in our SIEM platform.

I have updated NXLog CE to the latest version. Please help me resolve this issue.

Thank you,

Delvain