I am a newbie and trying to configure NXLog on a windows machine to forward logs to a syslog server. With the below configuration, all events are being forwarded to the server. we need only critical and error level events and only Security and System related events to be forwarded to the server. Below is my configuration:
<Extension _syslog> Module xm_syslog </Extension> <Input in> Module im_msvistalog </Input> <Output out> Module om_udp Host 192.168.1.25 Port 514 Exec to_syslog_snare(); </Output> <Route 1> Path in => out </Route>
Could some one help me what changes I should make so that only Critical and Error levels should be forwarded and only Security and System events should be forwarded ?