Update Rsyslog.conf file
Update Rsyslog config file to use the Splunk LB for rsyslog rather than one single host.
This commit is contained in:
parent
c600e6fba4
commit
74e536d639
|
@ -161,21 +161,21 @@ kern.* ?r_kern;TraditionalFormat
|
|||
#%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%#
|
||||
|
||||
$DefaultNetstreamDriverCAFile /etc/pki/tls/certs/2022-IT-Root-CA.pem
|
||||
# *.* action(
|
||||
# type="omfwd"
|
||||
# target="10.31.20.29"
|
||||
# port="6514"
|
||||
# protocol="tcp"
|
||||
# queue.filename="fwdRule1" # unique name prefix for spool files
|
||||
# queue.maxdiskspace="1g" # 1gb space limit (use as much as possible)
|
||||
# queue.saveonshutdown="on" # save messages to disk on shutdown
|
||||
# queue.type="LinkedList" # run asynchronously
|
||||
# queue.size="500000"
|
||||
# action.resumeRetryCount="10" # 10 retries if host is down
|
||||
# StreamDriver="gtls"
|
||||
# StreamDriverMode="1"
|
||||
# StreamDriverAuthMode="anon" # not authenticated
|
||||
# )
|
||||
*.* action(
|
||||
type="omfwd"
|
||||
target="10.23.176.84"
|
||||
port="6514"
|
||||
protocol="tcp"
|
||||
queue.filename="fwdRule1" # unique name prefix for spool files
|
||||
queue.maxdiskspace="1g" # 1gb space limit (use as much as possible)
|
||||
queue.saveonshutdown="on" # save messages to disk on shutdown
|
||||
queue.type="LinkedList" # run asynchronously
|
||||
queue.size="500000"
|
||||
action.resumeRetryCount="10" # 10 retries if host is down
|
||||
StreamDriver="gtls"
|
||||
StreamDriverMode="1"
|
||||
StreamDriverAuthMode="anon" # not authenticated
|
||||
)
|
||||
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue