Hello everyone,

OK, so I have been working with rsyslog for a couple of weeks now. I've been assigned to create a syslog server and all that funky stuff. I have a central syslog server set up with rsyslog, basically "receiving" port 514 UDP traffic. I'm a little confused about some stuff.

Before anyone says read the guides... I've done that... but I think it needs to be dumbed down so I can understand it. What I'm trying to do is send Windows event logs as well as other application logs from Linux CentOS boxes to my syslog server. The regular default rules work... I can see them from a server that is forwarding its messages just fine. What I can't seem to get working is miscellaneous application logs or Windows logs. I downloaded the rsyslog Windows agent... did the tutorial for setting up a rule... tested a message and can see it just fine on my syslog server. What I can't seem to locate is the Windows events. I've attached my config file.

Josh
Attachment: rsyslog.conf

