Hi everybody I am wondering about the following scenario:
- a bunch of rsyslog clients, ALL windows - an rsyslog server, Centos 8 running rsyslog-8.1911.0-6.el8.x86_64 It seems the syntax has changed for v8, compared to versions previous. I am specifying this in my Centos rsyslog server's /etc/rsyslog.conf: /# log every host in its own directory template(name="RemoteHost" type="string" string="/var/log/external/%HOSTNAME%/windows_events-%$YEAR%%$MONTH%%$DAY%.log") # Remote Logging $RuleSet remote *.* ?RemoteHost/ and yet ... all my client windows event manager log entries are logged to the one unique /var/log/messages on my Centos 8. rsyslogd -N1 indicates the config is all fine, and yet ... those lines don't seem to be doing their thing, or the thing I need them to do. Can anyone see any obvious indicator of where I'm going wrong? Thanks for your comments Andrei -- Sent from: http://rsyslog-users.1305293.n2.nabble.com/ _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
