On-Prem Firewall Syslogs from Log Forwarder VM into Sentinel


I have followed all the documentation for building the log forwarder VM (Ubuntu) and configuring the Syslog Data Collector. Syslog events from the actual VM are making it into Sentinel no problem; however, the Syslog events we have sent from an on-premises firewall (Protectli) to the Log Forwarder VM are not making it into Sentinel. Below is a screenshot showing the logs in question. The logs in question are coming into the VM on TCP Port 514.

Any ideas what I need to do here or what I can try?

[Screenshot: vhusker1507_0-1600352374751.png]

0 Replies