rsyslog - has some one been able to use omudpspoof feature with SSIM?
I am using Rsyslog as a syslog forward to SSIM.
This is Redhat Entperise 6.4 (64 bit).
The issue is I need to keep the original source IP address of the security devices that are sending to Rsyslog when I forward them to SSIM.
In other works....
I have all security syslog devices being forward to my Rsyslog server.
Which in turns sends all these syslogs to my SSIM server.
This works with no problem.
This issue the source IP address is now the IP address of the Rsyslog server and not the original security syslog device IP address.