03-25-2025 10:45 PM
Hi,
I have a PA VM setup and a syslog server to forwards the logs to. I have done all the configurations needed and syslogs server are receiving the logs. But on the system log there's still an error showing "syslog connection failed to server[x.x.x.x]
Is this expected?
03-26-2025 09:55 AM
Hello,
Check the logs on the device to ensure proper deliver of the logs. If using TCP for syslog, this could also be a possibility if there was an issue with the transmission of data.
Regards,
03-26-2025 09:25 PM
Hello @M.AbuBakar
I came across similar issue in the past. To isolate the issue, I would recommend below steps:
- Check syslog system logs from CLI: tail follow yes mp-log syslog-ng.log.
- Take packet capture: How To Run a Packet Capture (tcpdump) On Management Interface and check reason for failure. For example retransmission time out or what side (server or firewall) is closing connection.
- Can you see in the log re-establishing of syslog connection?
- Are you using syslog over SSL?
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
