I think it has more to do with my config file. I don't believe I have it set up correctly. I'm not a programmer so modifying the config I can only go by documentation. What I understand is that for outside rules to work....the remote host (if you will) the rsyslog.conf on that server has to be configured to send a specific file to the central log server.
Then on the central log server when it receives the information has to put it somewhere. Which is my issue. :/ -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of David Lang Sent: Tuesday, April 02, 2013 11:38 AM To: rsyslog-users Subject: Re: [rsyslog] rsyslog newbie I haven't used the rsyslog for windows agent, but I believe that it includes some support as part of the purchase. You may want to follow those support instructions. They are based in Germany, so it's well past business hours there, you should see them starting to respond in about 10 hours. David Lang On Tue, 2 Apr 2013, Josh Bitto wrote: > Hello Everyone, > > Ok so I have been working with rsyslog for a couple of weeks now. I've been > assigned to create a syslog server and all that funky stuff. I have a central > syslog server setup with rsyslog basically "receiving" port 514 udp traffic. > I'm a little confused about some stuff. > > Before anyone says read the guides....I've done that....but I think it needs > to be dumbed down so I can understand it. What I'm trying to do is send > windows event logs as well as other application logs from linux centos boxes > to my syslog server. > > The regular default rules work...I can see them from a server that is > forwarding its messages just fine. What I can't seem to get working is > miscellaneous application logs or windows logs. I downloaded rsyslog windows > agent...did the tutorial for setting up a rule.....tested a message and can > see it just fine on my syslog server. What I can't seem to locate is the > windows events. I've attached my config file. > > > > Josh > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
