No logs are collected from Fortinet units, but tcpdump on NXLog collector shows ingoing traffic coming from them
DS_534595 created
I have a setup using NXLog instances as collectors in a large number of security zones.
<Input in0>
    Module im_tcp
    Host XXX.XXX.XXX.XXX
</Input>
but for some reason this does not capture logs coming in on port 514 from Fortinet units; all other logs (from Windows and Linux servers) are received and processed just fine.
tcpdump -nvvA host [Fortinet unit IP]
shows log traffic coming in on the NIC from the given IP address.
What am I missing?