User is attempting to FTP their log files into Audit in CloudSOC directly without passing through SPANVA but can't connect or is receiving errors.

The CASB product does not support direct FTP from another server due to the inherent insecure nature of FTP.

You can, however, push logs to CloudSOC using SCP of SFTP using a SCP/SFTP Connection, since these protocols are secure.

If your firewalls cannot stream to SCP or SFTP servers, a SpanVA instance on your internal network will allow you to FTP to the SpanVA, which will then securely transfer the logs to CloudSOC. 

Reference tech note Create an SFTP or SCP Datasource.

Note: FTP is supported on SpanVA for the on-prem uploads (On-Prem device to an On-Prem SpanVA instance).