Wondering if anybody has gotten the syslog forwarding working from panorama traffic logs to Microsofts Cloud App security.
Have followed every guide I can find and I have logs passing to the MS log collector, however the syslog connection drops regularly, and despite getting some traffic showing in Cloud Discovery on the CAS dashboard it's approx.2% of total network traffic. Not from any specific system or source just a random .2%.
I feel like it's the formatting of the logs being sent or the handeling on the collector but the vendors just blame each other so it's hard to nail down.
anyone with experience getting the two to play nice would be appreciated!