I can't make syslogs work on Prisma Cloud
Created On 01/31/24 09:48 AM - Last Modified 01/31/24 09:50 AM
Question
How can I configure syslogs if I'm still getting errors even after following the KBs "How To Troubleshoot Connection Failures To Syslog Servers" and "How to Forward System Logs to Syslog Server"?
Environment
Prisma Cloud Compute, Prisma Cloud, Syslog server
Answer
For most log collectors, such as Graylog, Datadog and QRadar, try a TCP connection on a higher port rather than 514, and make sure that the port is not in use by any other service or process. Ports like 2514, 2516, etc. will usually do the job.
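
One way to check both points before changing the Prisma Cloud settings, as an added example that is not part of the original article or of any Palo Alto Networks tooling: `port_status` is run on the syslog server to see whether a candidate port is already taken, and `send_test_message` is run from a host that can reach the collector to confirm the TCP input accepts a message. The function names, the `syslog-check` app name and the newline framing are assumptions of this example.

```python
import errno
import socket
from datetime import datetime, timezone


def port_status(port, host="0.0.0.0"):
    """Run on the syslog server: 'free', 'in-use' or 'denied' for a TCP port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        try:
            probe.bind((host, port))  # no SO_REUSEADDR, so a clash is reported
        except OSError as exc:
            if exc.errno == errno.EADDRINUSE:
                return "in-use"   # another service/process owns the port
            if exc.errno == errno.EACCES:
                return "denied"   # e.g. an unprivileged user binding below 1024
            raise
    return "free"


def send_test_message(host, port, text="syslog connectivity test", timeout=5.0):
    """Send one newline-framed RFC 5424 line over TCP; return the line sent.

    Raises ConnectionRefusedError if nothing listens on the port, or a
    timeout error if the packets are dropped on the way.
    """
    stamp = datetime.now(timezone.utc).isoformat()
    # PRI 14 = facility user (1) * 8 + severity informational (6)
    line = f"<14>1 {stamp} {socket.gethostname()} syslog-check - - - {text}\n"
    with socket.create_connection((host, port), timeout=timeout) as conn:
        conn.sendall(line.encode("utf-8"))
    return line


if __name__ == "__main__":
    for candidate in (2514, 2516):  # the example ports named in the answer
        print(candidate, port_status(candidate))
```

Stop the collector's input before running `port_status`, otherwise the collector itself is reported as the process holding the port.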