So I tried searching to see if this question was asked before but nothing came up. (at least in regards to this question)
I am installing this on our 2012R2 windows servers so they can forward logs to kiwi.
for the default syslog facility setting, which should I pick if I want to forward say applications, security and system?
Whatever I think closely matches that? The docs don't discuss this in any real detail other than to mention network devices (which I already knew) and unix.
Thanks in advance.
Solved! Go to Solution.
I would recommend creating 3 subscriptions one each for applications, security and system. You will probably want to only send errors for applications and system, and failed audits for security.
I was able to reach someone at support on this, i didn't realize that those were just separators really and it doesn't really make a difference until you start using filters on which one you pick.
So i ended up putting them under the logs-audit category.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.