Hi, "Rodney Bizzell" <hardworker30@gmail.com> írta 2018-11-05 15:10-kor:
I want to make sure that my local logs on my syslog box are being sent to my graylog host what config changes do I need to make to ensure that is configured correctly. Can I have an example for illustration. Thanks.
You mean, all of your local logs catched through the /dev/log socket on your system, and the rest. In practical terms: what the system() source collects all should be forwarded towards the graylog server. Am I understand your goal right?
log { source(s_net); destination(d_graylog); }; log { source(s_sys); filter(f_default); destination(d_graylog);};
In this case the second line should not have a filter() statement, just like your first line: In your first log statement you send every log message collected on the s_net source to d_graylog. If you want to do the same with the local logs _unfiltered_, then you have to remove the filter(f_default); statement from the log path definition. Regards, Gyu