I am a newbie and trying to configure NXLog on a Windows machine to forward logs to a syslog server. With the below configuration, all events are being forwarded to the server. We need only critical and error level events and only Security and System related events to be forwarded to the server. Below is my configuration:

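<Extension _syslog>
    Module      xm_syslog
</Extension>

# Reads the Windows Event Log; no filter is set here
<Input in>
    Module      im_msvistalog
</Input>

# Sends each event over UDP port 514 in Snare syslog format
<Output out>
    Module      om_udp
    Port        514
    Exec        to_syslog_snare();
</Output>

<Route 1>
    Path        in => out
</Route>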

Could someone help me with what changes I should make so that only Critical and Error levels are forwarded and only Security and System events are forwarded?


Asked June 7, 2016 - 12:00pm

Answer (1)