Firewalls sending duplicate logs to external syslog server
5558
Created On 09/09/23 01:54 AM - Last Modified 09/09/23 02:01 AM
Symptom
Duplicate logs are being sent to external syslog servers
Environment
PANOS-10.1.x and above
Cause
If you have a shared level and vsys level syslog forwarding profile and both are named "default" , syslog-ng process will be triggered twice, causing duplicate logging on external syslog servers.
Resolution
Change one of the syslog forwarding profile name from "default" to something else