I'm currently using rsyslog to send logs from a Linux server to QRadar (IBM's SIEM).
However, the server sends a lot of logs and I would like to filter them directly in the rsyslog.conf file. But if I write someting else than
*.* @MyServerIp
no logs are sent. Can anyone help me ?
Thank you !
Asked
Active
Viewed 319 times
1
Gabriel DRAY
- 11
- 3