Hi Mus,
Thanks for the above post!!
I have read the docs on forwarding data to a third party. Below is my current scenario:
I have modified the conf files in \etc\System\local
1. inputs.conf:
[default]
host = WIN-ICJS9A8T038
[WinEventLog:Security]
disabled = 0
start-from = oldest
current-only=0
evt-dc-name =
evt-dns-name =
evt-resolve-ad-obj = 0
checkpointinterval = 5
[WinEventLog:System]
disabled = 0
start-from = oldest
current-only=0
evt-dc-name =
evt-dns-name =
evt-resolve-ad-obj = 0
checkpointinterval = 5
2. outputs.conf:
[syslog]
defaultGroup=mysyslog
disabled = false
[syslog:mysysloggroup]
server=10.210.155.131:514 # the IP of the Linux machine
type=udp
3. props.conf:
[WinEventLog:security]
TRANSFORMS-routing = sendtosyslog
[Perfmon:Network Interface]
TRANSFORMS-routing = sendtosyslog
[syslog]
TRANSFORMS-routing = sendtosyslog
But I am unable to receive the logs on the Linux machine. Can you please help to resolve the issue?
Thanks.
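An added example, not part of the original post and not Splunk's own tooling: a small Python check of the cross-file references that syslog routing depends on (the `outputs.conf` group name, the transform named in `props.conf`, and that transform's `FORMAT`). The function names are hypothetical, the sample text is constructed from the settings quoted in the post, and `transforms.conf` is passed as empty because the post does not show one.

```python
import re

def parse_conf(text):
    """Parse Splunk-style .conf text into {stanza: {key: value}}."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # only whole-line comments are treated as comments
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            current = stanzas.setdefault(header.group(1), {})
        elif "=" in line and current is not None:
            key, _, value = line.partition("=")
            current[key.strip()] = value.strip()
    return stanzas

def check_syslog_routing(outputs, props, transforms):
    """Return cross-file reference problems in a syslog routing setup."""
    out, pr, tr = (parse_conf(t) for t in (outputs, props, transforms))
    problems = []
    groups = {s.split(":", 1)[1] for s in out if s.startswith("syslog:")}
    default = out.get("syslog", {}).get("defaultGroup")
    if default and default not in groups:
        problems.append(f"outputs.conf: no [syslog:{default}] stanza for defaultGroup")
    for stanza, settings in out.items():
        for key, value in settings.items():
            if "#" in value:  # the text after '#' stays in the value
                problems.append(f"outputs.conf [{stanza}] {key}: inline '#' text in value")
    for stanza, settings in pr.items():
        names = [n.strip() for k, v in settings.items()
                 if k.startswith("TRANSFORMS-") for n in v.split(",")]
        for name in names:
            if name not in tr:
                problems.append(f"props.conf [{stanza}]: transform '{name}' undefined")
            elif (tr[name].get("DEST_KEY") == "_SYSLOG_ROUTING"
                  and tr[name].get("FORMAT") not in groups):
                problems.append(f"transforms.conf [{name}]: FORMAT is not a syslog group")
    return problems

# Sample input constructed from the post; transforms.conf is not shown there.
OUTPUTS = """[syslog]
defaultGroup=mysyslog
[syslog:mysysloggroup]
server=10.210.155.131:514 # the IP of the Linux machine
"""
PROPS = "[WinEventLog:security]\nTRANSFORMS-routing = sendtosyslog\n"
if __name__ == "__main__":
    for problem in check_syslog_routing(OUTPUTS, PROPS, ""):
        print(problem)
```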