User is attempting to FTP their log files into Audit in CloudSOC directly without passing through SPANVA but can't connect or is receiving errors.

The CASB product does not support direct FTP from another server due to the inherent insecure nature of FTP.

You can, however, push logs to CloudSOC using SCP of SFTP using a SCP/SFTP Connection, since these protocols are secure.

If your firewalls cannot stream to SCP or SFTP servers, a SpanVA instance on your internal network will allow you to FTP to the SpanVA, which will then securely transfer the logs to CloudSOC. 

Reference tech note Managing Data Sources for the CloudSOC Audit App in knowledge base under audit.

Note: FTP is supported on SpanVA for the on-prem uploads (On-Prem device to an On-Prem SpanVA instance).