I have a case where several networks don't send the event logs to the syslog server while other networks in the same template do send their logs. Is it also possible to verify that these log sources are inactive and that there is no error causing the log source to not send log events? Do anyone have anyone experience regarding this issue?
See the picture below for the tags applied for the server:
I suggest verifying the connectivity to the Syslogs servers and they are reachable from the MX and then take packet capture from the MX to see whether it is actually sending traffic to the servers or not. Also, if the Syslog servers are over the VPN, make sure there is no site-to-site VPN firewall rule blocking the traffic.
There were no site-to-site VPN firewall rule blocking the traffic. However have multiple networks started to send event logs to the server without that I did a thing. I was unable to ping the syslog server, but it is most likely blocking ICMP, since I tried to ping it from a network who worked as well. I can see that there are going traffic towards the syslog server, so I will follow your other step and verify that the appliance can reach the server.