Hi - I'm looking into using Kiwi as a centralized syslog server. I will point all network / linux syslogs to Kiwi and then have Kiwi forward to a SIEM, but I have one question - can Kiwi forward or "replay" syslog messages that have been archived by Kiwi? The use case is if our SIEM were to go down (or even during upgrades), I could re-forward all the syslog messages that were dropped by using the kiwi archives. Is this possible?
↧