Hi
Is it possible to stream KMD logs to an off-box syslog collector?
Currently I have this configuration (see below) in place, but I only appear to be getting logs relating to firewall rules and general traffic session creation. I did read a KB article which said high-end models were not able to use string filters defined in system > syslog > host : match.
{primary:node0}[edit system syslog]
host x.x.x.x {
    any any;
    match RT_FLOW_SESSION_DENY;
    source-address y.y.y.y;
    structured-data;
}
{primary:node0}[edit security]
stream remote_log_server {
    format sd-syslog;
    host {
        x.x.x.x;
        port 514;
    }
}