Hello smart people,
I have an XG firewall that I have recently upgraded to 16.05.03 MR-3 and now have a strange situation. I send all my logs to a syslog-ng server, via syslog facility, which is then harvested and indexed with Splunk. Ever since the upgrade, it appears that SMTP delivered now no longer gets sent over the syslog facility. The DROPS from the Anti-Spam log type are all sent (I drop all spam and suspected spam), but none of the delivered (action ACCEPT). All other logging events seem to be going just fine, and the delivered emails are being logged to the local firewall logs. Its just the delivered that are no longer being sent over syslog.
I checked with a friend of mine, and he sees the exact same behavior after upgrading his to the same release.
Has anyone else seen this behavior? All the configuration is the same as before with regards to logging, so it seems like a bug. Anywhere else I should look for advanced configurations or something?
Thanks!
This thread was automatically locked due to age.
