My linux-based DHCP server running ISC DHCPD is running systemd and puts the dhcpd logs into the central logging system without creating a distinct dhcpd.log file. Instead I have to look at the logs with this command:
journalctl -u isc-dhcp-server
So I can no longer simply point my UF to the old dhcpd.log file for import into Splunk. How can I get these logs into Splunk?
↧