Stackato Log Source - How to add

Enable Stackato logs

EventLog Analyzer automatically adds and collects your Stackato logs upon executing the following command

$kato config set logyard drainformats/<Format Name>[<PRI>{{.Text}}]
$kato drain add <Drain Name>udp://EventLog Analyzer Server>:<udp_port> -f <Format Name>

Add Windows Hosts

Note:
<Format Name>,<Drain Name> and PRIare user defined values.

Example:

$kato config set logyard drainformats/systail-ela-local[{<13>{{.Text}}]

$kato drain add ela udp://ELA:514 -f systail-ela-local

By default, EventLog Analyzer uses 513 and 514 as default UDP ports. In case if you have changed the UDP port number, specify the same here.

Logyard will now drain all the logs in the format name as specified to EventLog Analyzer's UPD port number as give. EventLog Analyzer can now collect all the stackato logs as syslogs and analyze them with special reports.