Recently, I have added one source as a CIFS but I am unable to get the logs which are generated in the Server. The scenario is below.
Host -> Server ( Where logs are generated from the host) -> Receiver (Where generated logs should be received from Server)
Troubleshoot steps have been taken:
1. IP connectivity is proper from the server to Receiver.
2. Ports 445, 514, 135-139 are open from the server to Receiver and able to do telnet.
How can I troubleshoot this issue? Can anyone guide me or give me the suggestion?
Appreciate all your help.
At first you sholud write settings on a ERC then rollout policy to device.
Please check that any information're comming to your device (by using tcpdump tool) - you can also write this information to a pcap file (-w) and inscpect them in for example wireshark.