I'm having issues with sending logs from XGS4500 (SFOS 19.5.3 MR-3-Build652) to a Linux Ubuntu 20.04 syslog server for forwarding to MS Sentinel. The logs are going to a public IP, so they need to be sent via a secure tls connection.
The logs work fine on UDP 514 (when non-secure), but fail to reach the server when the secure connection is used. I have not been able to find a way of adding a local certificate (various searches have suggested this would be a solution). When I try to use the 'Generate locally-signed certificate', it creates a single .CRT file and does not give the .pem and .key files to allow this config setup on the server. Am I correct in thinking the logs are going in syslog-ng format?
Just wondering if I'm going about this the wrong way or if there is something obvious I'm missing. Thanks in advance for any advice!
Thanks
Mark
Added TAGs
[edited by: Erick Jan at 11:15 AM (GMT -7) on 12 Jul 2024]