We have several syslog-ng collectors with UFs on them. The UF monitors the paths and files that syslog-ng generates that we point it to, but I know there are probably several systems sending syslog data that we are missing. Is there a way to point a UF monitor stanza at the top level file path and tell it to monitor everything not matched elsewhere and send it to a specific index so that we can search that index to see what data we're missing?
↧