taotetek · July 2, 2015 17:19
diff --git a/gistfile1.txt b/gistfile1.txt
 
 input(type="imudp" port="514" ruleset="to_sagan") # listen for udp on port 514
 input(type="imtcp" port="514" ruleset="to_sagan") # listen for tcp on port 514
 
 ## REMOTE RULES ###############################################################
 
 # send all remote logs to sagan for analysis
 ruleset(name="to_sagan") {
  action(type="omfile" file="|/var/run/sagan/sagan.fifo" template="sagan_template")
 }

	input(type="imudp" port="514" ruleset="to_sagan") # listen for udp on port 514
	input(type="imtcp" port="514" ruleset="to_sagan") # listen for tcp on port 514

	## REMOTE RULES ###############################################################

	# send all remote logs to sagan for analysis
	ruleset(name="to_sagan") {
	action(type="omfile" file="\|/var/run/sagan/sagan.fifo" template="sagan_template")
	}