• Adding a Event Log Server in the UI > System > Identity Firewall AD > Add Active Directory > Click Event Log Server
• Error Shows in UI and doesn't explain well enough to self diagnose the issue.

• After adding Hostname, Username, Password and clicking Add shows an "I/O error."
• You're not able to move forward with the Event Log Server setup wizard.

Logs Show > /var/log/syslog
_{05:41:27.596Z nsx-manager NSX 2205 - [nsx@6876 comp="nsx-manager" subcomp="node-mgmt" username="####" level="WARNING" invalid="true"] Error while updating ip table rule: iptables v1.8.7 (legacy): host/network `incorrect-host-name' not found#012Try `iptables -h' or 'iptables --help' for more information.
05:41:27.598Z nsx-manager NSX 1150557 SYSTEM [nsx@6876 comp="nsx-manager" level="WARNING" reqId="b3f00ae2-f65a-44ed-8cc0-c0d5a65dc75e" subcomp="manager" username="####"] Unable to set IpTables rule: exception: 500 Internal Server Error: "{"error_code": 36229, "error_message": "Error updating ip table rules.", "module_name": "node-services"}"}

NSX 4.x

• This is caused by incorrect Event Log Server host name after clicking the ADD button to complete the IDFW setup wizard. 
• I/O error indicates socket timeout waiting for proper input for host name.

Enter in the correct host name for Event Log Server with full FQDN or IPv4 format and click ADD to complete IDFW setup wizard for Log Scrapping. 
This is correct in vDefend 9.0 and later. 

Reference Tech Article for Adding Event Log Server
https://techdocs.broadcom.com/us/en/vmware-cis/nsx/vmware-nsx/4-1/administration-guide/operations-and-management/configuring-active-directory-and-event-log-scraping.html