registering SYSLOG server and test connection does not succeed
registering a new SYSLOG server, with ENABLE EVENT FORWARDING checked
TEST CONNECTION does not succeed, only shows 3 dots (...)
-TELNETs work (telnet IP port)
-there is no firewall between the two hosts
-EVENT PARSER log seems to recognize and load the new server/port information
-SIEM seems to be receiving WINDOWS events/logs
-SIEM does not seem to be receiving ePO events/logs
Question - any ideas on how to troubleshoot what the 3 dots, or lack to TEST SUCCESSFUL message means?
Question - in the CONFIGURATION->SERVER SETTINGS->EVENT FILTERING - there is a column heading, STORE IN SIEM.
-do we need to, in addition to registering a SYSLOG server, do we also to provide SIEM information/details?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.