Hi, I am not seeing data come in on a Syslog Source I am setting up. But I do see the syslog data coming into the Worker with a TCP Dump.
The worker OS is RHEL 9.
I've seen this in the past where a local firewall was preventing the data from flowing. The interesting thing is that 'tcpdump' is capturing packets before they touch the firewall, so it makes sense you can see the data here.
A quick and dirty test would be to disable the local firewall and see if the syslog events begin to flow. You should be able to use a command such as:
"systemctl stop firewalld"
I was able to stop the Firewalld service and data is now flowing!!