Re: Remote logging with autitd

Hi Steve, Many thanks for your response. I will be reading the presentation and the examples in the tarball and go from there for implementing my processing plugin. Regarding the logging to disk on the central server: I have node names set up for both servers now and am now getting the following behaviour: On the client server I can see the events being prefixed with node=Elephant in the log on that server. On the central server I can see that local events are being prefixed with node=Mongoose. However, events that were sent to the central server by the client server show up in the central server's log with node=localhost.localdomain. So it seems that the node information gets lost between the client and central server? Would you have any idea why the node information is lost? Many thanks, Wouter