We recently implemented a syslog UDP delivery of several of our ESA logs to our security group for evaulation. We are consistently getting this error message regarding these deliveries. UDP should be basically be a blind connection - why would the IronPort reporting these errors? Cisoc C670 ver 7.5.1-102 O/S
If this is expected behavior then what other options would you recommend?
Log Error: Subscription ISIS_MX_Mail_Logs: Network error while sending log data to syslog server 162.131.217.11 (162.131.217.11): [Errno 61] Connection refused