Connection fails to syslog server

• In the System log there are messages for failed syslog connections

2020/03/24 11:40:11 high     syslog         syslog- 0  Syslog connection failed to server['AF_INET.10.230.240.173:1514.']
2020/03/24 11:40:11 high     syslog         syslog- 0  Syslog connection failed to server['AF_INET.10.230.240.173:1514.']

• The syslog-ng logs on Slot 8 (LPC) will show "no route to host" errors:

Mar 24 11:39:32 lp syslog-ng[3700]: Syslog connection failed; fd='27', server='AF_INET(10.230.240.173:1514)', error='No route to host (113)', time_reopen='5'

• After a commit is performed on the firewall via a Panorama config push or locally, the syslog connection is re-established. This can also be seen in the system logs

2020/03/24 13:59:43 info     general        general 0  Commit job succeeded. Completion time=2020/03/24 13:59:43. JobId=272004. 
2020/03/24 14:00:11 high     syslog         syslog- 0  Syslog connection established to server['AF_INET.10.230.240.173:1514.']

• PA-7050
• PanOS 9.0.6
• Syslog Forwarding using Log Processing Card (LPC)

• PAN-112539 - The connection between the dataplane interface used for log forwarding, and the Log Processing Card in slot 8 breaks, causing the syslog connection to also break.

1. The resolution is to upgrade to PanOS 9.0.10 which has a fix for PAN-112539

• Search for issue PAN-112539 in PanOS 9.0.10 release notes