#nano /etc/rsyslog.com
add ip:port at the bottom
example :
*.*@192.168.10.8:514 --> this is IP Siem, send all log to Siem
kernel.*@192.168.10.514 --> only send logs kernel to Siem
restart services rsyslog
#systemctl restart rsyslog
Thx
Samh
No comments:
Post a Comment