SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple displays in Kiwi Syslog Server.
(EMBEDDED VIDEO - COMING SOON)
External link to Jing: Multiple Displays - justinfinley's library
Video Guide:
- 0:00 Unfiltered display (Display 00)
- 0:10 Showing the rule that sends all messages to Display 00
- 0:20 Changing the unfiltered display from Display 00 to Display 05
- 0:25 Checking that the switch happened
- 0:35 Adding a new filter rule looking for the word "logon" and sending it to Display 01
- 1:20 Adding a new filter rule looking for the word "logoff" and sending it to Display 02
- 2:05 Checking that the new filters work
- 2:25 Renaming "Display 05" to "All Messages"
- 2:45 Renaming "Display 01" to "Logon" and "Display 02" to "Logoff"
- 3:10 Checking that the display renaming worked
Remember to "LIKE" this if you find it useful - that helps other find it too!