I was configuring syslog in NAC... ForeScout CounterACT...
Syslog is not working. I have all the correct settings for each NAC appliance, but the syslogs do not go out. I go into the policies that generate syslogs and they're all on default settings because, by default, I want each appliance to use the settings I defined for them.
But if I go into the rules and change the default values, the syslogs send out. That's good, but I want to use the default settings that employ regional collectors, not send everything to one collector.
Then I try something... While it says "Click here to change default settings", I type in "Default". I type in "Default" for all the settings.
The syslogs send out!
I tell this to the vendor engineer on site and he then pulls up a bug that confirms what I experienced. It's good that it gets fixed in the next version, but for now...
The default settings are not the default settings by default, but if I specify default settings then default settings will be applied.
:facepalm4:
:eek: :XD: :XD: :XD: