Sorry if I'm asking something that is really FAQ - just couldnt find an
obvious answer.
Question is - I need to preserve on the "server" _all_ events logged
from a Windows client tailing on a plain text file.
These text files can be a variety of SunOne standard and application
specific logs... i.e. I want multiple boxes to forward _all_ logs to my
central ossec server.
I included following configuration to the Windows client, ossec server
already logs messages from this host when they come from event logs. It
doesn't at the moment log anything that I would append to the
D:\Test.log...
<localfile>
<location>D:\Test.log</location>
<log_format>syslog</log_format>
</localfile>
Maybe I am just trying to misuse ossec ?
Kind regards,
Pavel Smirnov.
