...
These are the parameters we recommend using to configure each input file.
| The path and filename of the file to monitor. |
|---|---|
| The tag to assign to messages that come from the monitored file. |
| The syslog severity and facility to assign to messages from the input file. |
| The number of events after which the processing status should be updated. This should be set to |
| This is an experimental feature that tells rsyslog to reopen the input file when it was truncated. |
| This is used to tell rsyslog to seek to the end/tail of input files (discard old logs) at its first start (freshStartTail) and process only new log messages. This should be set to on. |
Notice that, in this case, the action is inside a ruleset block. This means that it will be executed only by the input that references that ruleset (in this case, our file reading).
...
Once restarted, go to Data Searchsearch in the Devo web application and look for the table that contains the events with the tag you just set up.
...