Estreamer log collection

True Warrior
Level 1

Hello,

We recently upgraded the FMC to 6.2.2 and re-initiated the logging from the client (a Linux-based SIEM), but we observed the error below:

Error reading events from "FMC IP". java.io.IOException: Connection is broken. Read operation return "-1";


While running a packet capture on the SIEM, I can see that the FMC is sending a Reset packet, but I don't know why.

FMC IP.8302 > SIEM IP.25996: Flags [P.], cksum 0x3595 (correct), seq 2137:2228, ack 2761, win 191, length 91
11:18:49.767299 IP (tos 0x0, ttl 64, id 60754, offset 0, flags [DF], proto TCP (6), length 125)
SIEM IP.25996 > FMC IP.8302: Flags [P.], cksum 0x6d5a (incorrect -> 0xe280), seq 2761:2846, ack 2228, win 24576, length 85
11:18:49.767459 IP (tos 0x0, ttl 63, id 63338, offset 0, flags [DF], proto TCP (6), length 109)
FMC IP.8302 > SIEM IP.25996: Flags [FP.], cksum 0x9e45 (correct), seq 2228:2297, ack 2761, win 191, length 69
11:18:49.767544 IP (tos 0x0, ttl 63, id 59607, offset 0, flags [DF], proto TCP (6), length 40)
FMC IP.8302 > SIEM IP.25996: Flags [R], cksum 0xf4a1 (correct), seq 783522214, win 0, length 0
11:18:49.767555 IP (tos 0x0, ttl 64, id 60755, offset 0, flags [DF], proto TCP (6), length 40)
SIEM IP.25996 > FMC IP.8302: Flags [.], cksum 0xd827 (correct), ack 2298, win 24576, length 0
11:18:49.767692 IP (tos 0x0, ttl 64, id 60756, offset 0, flags [DF], proto TCP (6), length 109)
SIEM IP.25996 > FMC IP.8302: Flags [FP.], cksum 0x6d4a (incorrect -> 0xdb0c), seq 2846:2915, ack 2298, win 24576, length 69
11:18:49.767767 IP (tos 0x0, ttl 63, id 59608, offset 0, flags [DF], proto TCP (6), length 40)
FMC IP.8302 > SIEM IP.25996: Flags [R], cksum 0xf45b (correct), seq 783522284, win 0, length 0
11:18:49.767907 IP (tos 0x0, ttl 63, id 59609, offset 0, flags [DF], proto TCP (6), length 40)
FMC IP.8302 > SIEM IP.25996: Flags [R], cksum 0xf45b (correct), seq 783522284, win 0, length 0
11:18:55.781068 IP (tos 0x0, ttl 64, id 50851, offset 0, flags [DF], proto TCP (6), length 52)
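An added example, not part of the original post and not a Cisco tool: a small parser for the tcpdump -v excerpt above that pairs each "IP (...)" header line with the TCP line following it and then reports which side sent the first RST, whether that side had already sent FIN, and how many bytes it pushed before closing. The sample is a constructed copy of the capture above with its placeholder host names; its first TCP line has no header line, exactly as posted, and the parser tolerates that.

```python
import re
from typing import List, NamedTuple, Optional

# Constructed sample copied from the tcpdump excerpt in the post above; the
# first TCP line has no preceding "IP (...)" header line, as in the paste.
SAMPLE = """\
FMC IP.8302 > SIEM IP.25996: Flags [P.], cksum 0x3595 (correct), seq 2137:2228, ack 2761, win 191, length 91
11:18:49.767299 IP (tos 0x0, ttl 64, id 60754, offset 0, flags [DF], proto TCP (6), length 125)
SIEM IP.25996 > FMC IP.8302: Flags [P.], cksum 0x6d5a (incorrect -> 0xe280), seq 2761:2846, ack 2228, win 24576, length 85
11:18:49.767459 IP (tos 0x0, ttl 63, id 63338, offset 0, flags [DF], proto TCP (6), length 109)
FMC IP.8302 > SIEM IP.25996: Flags [FP.], cksum 0x9e45 (correct), seq 2228:2297, ack 2761, win 191, length 69
11:18:49.767544 IP (tos 0x0, ttl 63, id 59607, offset 0, flags [DF], proto TCP (6), length 40)
FMC IP.8302 > SIEM IP.25996: Flags [R], cksum 0xf4a1 (correct), seq 783522214, win 0, length 0
"""

class Packet(NamedTuple):
    ts: Optional[str]   # None when the header line was cut off the paste
    src: str            # "host.port" as tcpdump prints it
    dst: str
    flags: str          # e.g. "P.", "FP.", "R"
    length: int         # TCP payload length

HEADER = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d+) IP \(")
TCP = re.compile(r"^(?P<src>.+?) > (?P<dst>.+?): Flags \[(?P<flags>[^\]]*)\].*length (?P<len>\d+)")

def parse_tcpdump(text: str) -> List[Packet]:
    """Pair each 'IP (...)' header line with the TCP line that follows it."""
    packets, ts = [], None
    for line in text.splitlines():
        if (m := HEADER.match(line)):
            ts = m.group(1)          # keep the timestamp for the next TCP line
            continue
        if (m := TCP.match(line)):
            packets.append(Packet(ts, m["src"], m["dst"], m["flags"], int(m["len"])))
            ts = None                # header consumed; a lone TCP line gets None
    return packets

def first_reset(packets: List[Packet]) -> Optional[dict]:
    """Who sent the first RST, and what did that host send before it?"""
    for i, p in enumerate(packets):
        if "R" in p.flags:
            before = [q for q in packets[:i] if q.src == p.src]
            return {
                "reset_by": p.src.rsplit(".", 1)[0],   # strip the port
                "at": p.ts,
                "sent_fin_first": any("F" in q.flags for q in before),
                "bytes_before_reset": sum(q.length for q in before),
            }
    return None
print(first_reset(parse_tcpdump(SAMPLE)))  # summary of the teardown in SAMPLE
```

For the capture above this shows the FMC closing the session itself (FIN plus 69 bytes of data, then RST), which points at the server side, where the reply below suggests checking certificates and the eStreamer service status.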

1 Reply

Francesco Molino
VIP Alumni
Hi

Did you make sure the connection is working when testing from the FMC? Are all certificates exchanged between the two systems?
Can you check the status from the expert mode: manage_estreamer.pl status

Here is a doc showing how to enable it (start and stop if already enabled):
https://www.cisco.com/c/en/us/td/docs/security/firesight/540/api/estreamer/EventStreamerIntegrationGuide/ConfiguringEstreamer.html

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question