Hi All,
I have a UF which gets logs of syslog via UDP:514.
I am trying to set sourcetypes by hosts' IPs but i can't figure this out.
For example, for [host::192.168.0.1] I want to set source type of "wineventlog".
Note:
I don't have an option to separate the logs into different folders by host..
Thanks !
↧