SYSLOG Output Format Into-Entity Syntax
| <into-entity> | ::= |
<action> [ , <action> ... ] | SYSLOG |
| <action> | ::= |
<send_server> | <send_file> | <send_user> |
| <send_server> | ::= | @<server_name>[:<port>] |
| <send_file> | ::= |
<filepath> | STDOUT |
| <send_user> | ::= | <user_name> |
- The name or address of a Syslog server, preceded by an at character ("@") and optionally followed by a port number; when no port number is specified, the SYSLOG output format will use port 514;
- The path of an output filename;
- The STDOUT keyword, which specifies that the output data is to be written to the output stream (the console output);
- The name of a user, to which Syslog messages will be sent through the Windows alerter and messenger services.
When a configuration file has been specified through the "conf" parameter,
queries are allowed to not provide an INTO clause at all;
if an INTO clause is used, its into-entity must be specified as "SYSLOG".
When a configuration file has not been specified, the INTO clause is mandatory and it
must contain at least one valid action.
Actions specified in the into-entity are processed as configuration rules having a selector that matches all messages, with a "*" facility value and an "emerg" severity value.
Examples:
INTO SYSLOG
INTO @MYSERVER02:515
INTO \\COMPUTER01\Reports\report.txt
INTO MYUSER
INTO @MYSERVER01, C:\MyLogs\Infos.txt, STDOUT, MYUSER, @192.168.1.100:515