syslog session was showing discarded due to which syslog server was not able to receive message

Reply
Highlighted
L2 Linker

syslog session was showing discarded due to which syslog server was not able to receive message

* Ping and Telnet logs from DR Fortigate to Archsight server were to see in firewall. * In cli , session found with discard state for same traffic . After clearing that session issue resolved. -------------------------------------------------------------------------------- ID Application State Type Flag Src[Sport]/Zone/Proto (translated IP[Port]) Vsys Dst[Dport]/Zone (translated IP[Port]) -------------------------------------------------------------------------------- 2739248 syslog DISCARD FLOW 10.240.0.150[13652]/Router/17 (10.240.0.150[13652]) vsys1 10.0.6.12[514]/Server (10.0.6.12[514]) * As the syslog has long live session, all packets were dropping from Sat Jan 11 due to already established session which was in discard state. what would be the possibility ?
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!