topic Integration between CDL and Rapid7 InsightIDR not working in Cortex XDR Discussions https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/integration-between-cdl-and-rapid7-insightidr-not-working/m-p/524903#M3299 <P>I am working on the integration between CDL and R7 IDR SIEM and this is not working. I don't get pass the test connection on CDL.&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P><A href="https://docs.rapid7.com/insightidr/palo-alto-cortex-data-lake/" target="_blank">https://docs.rapid7.com/insightidr/palo-alto-cortex-data-lake/</A>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server</A>&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>I am getting connection time out, I have followed these steps but the syslog server seems to be missing the trsuted certificate needed for communication with CDL. The machine is an Ubuntu machine and I have generated a cert using openssl req -x509 command.&nbsp;</P> <P>Can anyone share if have don this integration before, and how can I get a cert from the trusted certificates for CDL?&nbsp;<A href="https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/trusted-root-ca-log-forwarding-app#id943bec2e-b271-4999-af50-634bf8b503f2" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/trusted-root-ca-log-forwarding-app#id943bec2e-b271-4999-af50-634bf8b503f2</A></P> <P>&nbsp;</P> <P>Thank you</P> Thu, 22 Dec 2022 22:00:29 GMT tamara.gm 2022-12-22T22:00:29Z Integration between CDL and Rapid7 InsightIDR not working https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/integration-between-cdl-and-rapid7-insightidr-not-working/m-p/524903#M3299 <P>I am working on the integration between CDL and R7 IDR SIEM and this is not working. I don't get pass the test connection on CDL.&nbsp;</P> <P>&nbsp;</P> <P>&nbsp;</P> <P><A href="https://docs.rapid7.com/insightidr/palo-alto-cortex-data-lake/" target="_blank">https://docs.rapid7.com/insightidr/palo-alto-cortex-data-lake/</A>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server</A>&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>I am getting connection time out, I have followed these steps but the syslog server seems to be missing the trsuted certificate needed for communication with CDL. The machine is an Ubuntu machine and I have generated a cert using openssl req -x509 command.&nbsp;</P> <P>Can anyone share if have don this integration before, and how can I get a cert from the trusted certificates for CDL?&nbsp;<A href="https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/trusted-root-ca-log-forwarding-app#id943bec2e-b271-4999-af50-634bf8b503f2" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/trusted-root-ca-log-forwarding-app#id943bec2e-b271-4999-af50-634bf8b503f2</A></P> <P>&nbsp;</P> <P>Thank you</P> Thu, 22 Dec 2022 22:00:29 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/integration-between-cdl-and-rapid7-insightidr-not-working/m-p/524903#M3299 tamara.gm 2022-12-22T22:00:29Z Re: Integration between CDL and Rapid7 InsightIDR not working https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/integration-between-cdl-and-rapid7-insightidr-not-working/m-p/525347#M3304 <P>Hi Tamara</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server" target="_blank">https://docs.paloaltonetworks.com/cortex/cortex-data-lake/cortex-data-lake-getting-started/get-started-with-log-forwarding-app/forward-logs-from-logging-service-to-syslog-server</A></P> <P>&nbsp;</P> <P>Check Step 11. You can download client and CA cert and use them in NXLog app.&nbsp;</P> Wed, 28 Dec 2022 08:45:43 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/integration-between-cdl-and-rapid7-insightidr-not-working/m-p/525347#M3304 etugriceri 2022-12-28T08:45:43Z