Create Log Distribution Service Policies
To create a Log Distribution Service policy:
- On the main toolbar, click Deployment Manager.
- On the Tools menu, click Distribution, click Log Distribution Services, and then click Policy Manager.
The Log Distribution Policy window appears. - On the File menu, click New.
The Log Distribution Policy Wizard appears. - Select the log sources from which you want to gather messages.
For more information on selecting sources and creating filters, see Filters and Wizards. - Click Next.
- Select an Event Distribution Criteria:
- Include events that meet the include/exclude filters below. Exclude all non-events. Distribute only events that match the filters below and none of the non-events.
- Include events regardless of the include/exclude criteria below. Include any non-events that meet the include/exclude criteria below. Distribute all events and any non-events that match the filters below.
To specify Include and Exclude filters, click New.
The Log Message Filter window appears. For more information on how to use this option, see Filters and Wizards.Include Filters distribute log messages that match at least one filter and do not match an exclude filter.
- If a log message matches any exclude filters, it is not distributed.
- If you do not create any filters, all events and non-events that fulfill the Event Distribution Criteria are distributed.
- Click Next.
Select the Action check box of all the Distribution Receivers to which you want log messages to be distributed.
You must Enable a Log Distribution Receiver before it can receive logs.
- Click Next.
- To use a syslog sender override:
- Select its Override box.
- Enter the new Outbound IP Address and Outbound Port.
- Click Next.
- Type a descriptive Policy Name.
- Type a Policy Description.
- Click OK.
You return to the Log Distribution Policy Manager window.
The new policy is selected and the Status is Disabled. - To enable the new policy immediately, right-click it, and then click Enable.