We're configuring our Solaris Weblogic to send via syslog
to Qradar log collector & vendor gave us the steps below:
however, I don't see anywhere in the steps below indicating
IP of the log collector (ie syslog server) & I think some steps
are missing. Can anyone enhance it & add on any missing
1.1 WebLogic 220.127.116.11
Enable configuration auditing by one of these methods:
• Use the Administration Console. Select the Configuration > General page for your domain and set the Configuration Audit Type. See "Enable configuration auditing" in the Oracle WebLogic Server Administration Console Help.
• When you start the Administration Server, include one of the following Java options in the weblogic.Server command:
Causes the domain to emit Audit Events only.
Causes the domain to write configuration auditing messages to the Administration Server log file only.
Causes the domain to emit Audit Events and write configuration auditing messages to the Administration Server log file.