We have proposed to customers a solution of using Kiwi Syslog as a distribution hub for devices which cannot be configured with multiple syslog destinations, or filtering out unwanted events which cannot be achieved using the noise filtering (policy) in LEM. Kiwi Syslog would be configured with rules to forward all to LEM and specific events required to other destinations based on the rules set. This does increase complexity and may not suit all. Having the feature built-in to LEM would be advantageous, but here you have a workaround for now.
↧