Seeking advice to on the following :
Q) Can Syslog-ng PE (7.0.29) be setup as a Relay server, ingesting LSH log data using *default-network-source driver which then pipe towards a central Syslog-ng StoreBox (6.0.4)?
Example config done :
source sdnd {
default-network-drivers(
rfc5424-tcp-port(602)
rfc5424-tls-port(6515)
tcp-port(601)
udp-port(514)
flags(sanitize-utf8)
);
};
2 The challenge to this approach happens when trying to create destination & log path towards SSB. Where should it point to ? How do I fit sources from various ports towards SSB? Please advice with example configuration statement if this is a viable approach.
Thank you.