Cisco ISE 2.6 offers MnT WAN Survivability for UDP syslog collection. System logs are recorded using ISE Messaging Services. Remote Logging Targets uses the port TCP 8671 and Secure Advanced Message Queuing Protocol (AMQPs) for sending syslog to MnT.
So from my understanding, all nodes send the syslogs to the MNT over TCP 8671.
However, the default logging target configuration using port 20514 (udp/syslog) is still enabled on a fresh new 2.7 or 3.0 install. Isn't this redundant and a PSN sends the same message over AMQP and traditional syslog?
Doesn't it make sense to disable to default log targets after AMQP is enabled?
