The Syslog daemon can be configured to write incoming packets to a database on the "Syslog to Database" tab, where one or more databases can be added to the list by clicking the "Add" button.
Settings
By default, all Syslog messages received will be sent to the specified database(s). To change this behavior, certain messages can be excluded from being added to the database (include all, exclude some), or only specific Syslog messages can be sent to the database. Manage inclusions and exclusions with the + and - icons.
Include: Log all Syslog messages to the database, except for exclusions below
This is the default setting, and sends all Syslog messages to the database. Syslog messages containing strings that are listed below will be filtered to reduce noise, wildcards are supported.
Exclude: Only log Syslog messages to the database that are included below
This setting is more restrictive and only sends Syslog messages to the database that match the filters listed, wildcards are supported.
More details on the filter syntax are explained in the "Syslog to Event Log" chapter. |