Nope. You'd need to periodically pull new records from the eventlog table and keep track of the last eventlog_id
Beware that I personally consider the eventlog to be trash and badly in need of being dumped and rewritten into atleast 2 separate logs, so the format... may vary. :D
It's compliance nonsense you'll never look at though, so I guess format doesn't matter. Just write something to dump the rows and join them into a text string without caring about the field names. That way it won't randomly break on you.
adam.
Stuart Taoro-Ahsin via observium wrote on 31/01/2023 21:11:
Hi All
We have a compliance requirement to forward the observium event log to a separate syslog server or some sort of logstash. Is there any functionality in observium for this? My googlefu seems to be really weak with this query
Kind regards,
Stuart Taoro-ahsin
GPG Fingerprint: 7D0A 3303 A851 5335 95F1 E051 96C1 4368 5763 17BD
observium mailing list -- observium@lists.observium.org To unsubscribe send an email to observium-leave@lists.observium.org