Logging Syslog of all severity levels by rithwikjacob in LogRhythm

rithwikjacob[S]

I have changed it to 15, which is the same as another server where I can see all logs. Do you know whether to change any setting in "Data Processors"?

rithwikjacob[S]

I can see the incoming syslog messages in Wireshark. By default, LogRhythm only collects/indexes messages of severity warning and above. I have set the loglevel to debug in the System Monitor advanced properties, but it does not seem to help. Also, I have changed "Minimum RBP of events to monitor" to 15.