Hi There,
The Log Exporter was working normaly on the FW, and without any modification on FW, the Log Exporter stopped sending the logs, we got the following:
[log_indexer ...]@xGW[DATE TIME] SyslogTCPSender::connect: Failed to initialize socket (:port)
[log_indexer ...]@xGW[DATE TIME] TcpTlsSender::connect: Failed to create socket.
And after a few days, Log Exporter started sending the logs.
I thought the cause is "The target server in the Log Exporter configuration is a hostname instead of an IP address" (sk167100). But when I run " #cp_log_export show " , we can see clearly that the traget server is the IP and not the hostname.
Name: "------"
enabled: true
target-server: "IP"
protocol: tcp
format: syslog
read-mode: found
encrypted: true
Could you help me please to understand this incident?
Is there a way to monitor this process to be immediately notified in case of recurrence?