Hi guys, I have following config in place:
Linux server + Oracle DB Oracle logging: AUDIT_TRAIL = OS AUDIT_SYSLOG_LEVEL=local6.warning AUDIT_SYS_OPERATIONS = TRUE OS - rsyslog is forwarding the logs: *.* @IP address of collector but in collector (SIEM) I can see only OS logs, no DB logs. Does anybody have any idea where I might did something wrong ? I am using default rsyslog.conf (means I did not change there anything) When I will change DB logging to local5, it will be working, but unfortunately I cannot use local5 for both OS & DB logging, so I have to split/divert DB logging to local6. With *.* forwarding, I thought that everything is forwarded to SIEM, apparently I am wrong. Thanks a lot in advance ! Denis _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
