Syslog archives - Network technologies and trends


Nov 8 2009   6:10AM GMT

Kiwi Syslog Server version 9 comes with some great features



Posted by: Yasir Irfan
Kiwi Syslog, Syslog, Solar Winds, Cisco Devices, SNMP trap messages, thwack, Syslog V9, Kiwi Syslog Server, traffic statistics

 

We all know the importance of logs generated by Cisco devices. I have been using Kiwi Syslog Server for a long time to capture the logs generated by the Cisco devices installed in our network. Recently SolarWinds announced the release of Kiwi Syslog Server. Since I was using an old version, I downloaded the latest full trial version of Kiwi Syslog Server version 9. In the new version I found some cool new features which are really useful for network administrators.

 


 

With the new Kiwi Syslog Server you can access the syslog data from anywhere on the network using web access. This feature is amazing, as it's easy for me to look at logs periodically no matter where I am.

  

Some of the key features of Kiwi Syslog Server v9 are as follows.

 

  • View your syslog data from anywhere on the network via web access – NEW FEATURE!
  • Filter messages and create advanced alerts with Advanced Script Processing
  • Log to any database with ODBC logging
  • Schedule archiving and log maintenance by using Automated Log Archive
  • View syslog messages in multiple windows simultaneously
  • Automatically perform actions based on alerts, including sending email, forwarding messages, triggering audible alarms, sending SNMP trap messages, and paging IT staff
  • Retain the original source IP on forwarded messages as one of many advanced forwarding options
  • Forward Windows event log messages from your Windows servers to your Kiwi Syslog Server using the included Log Forwarder for Windows – NEW FEATURE!
  • Produce trend analysis graphs and email syslog traffic statistics
  • Leverage and share user-created rules, filters and scripts with the Community Content Exchange on thwack – NEW FEATURE!

With the new Kiwi Syslog Server v9 my day-to-day activity is somewhat simplified, as I can create filters based on host name, IP address or even event. I just don’t need to look at each and every log. It does save a lot of time.

For sure you must try the new Kiwi Syslog Server. It comes in two versions: a free one and a full version with a lot of features.

Jan 7 2009   11:35AM GMT

Solar Winds acquires Kiwi Enterprises, best known for its free management and configuration tools (Syslog).



Posted by: Yasir Irfan
SolarWinds, Kiwi Enterprises, free management, Syslog, Network Management System

SolarWinds announced on the 5th of Jan 09 that it had acquired, for an undisclosed sum, the assets of New Zealand-based software maker Kiwi Enterprises, best known for its free management and configuration tools.


SolarWinds, also known for making freeware versions of its enterprise software available, acquired Kiwi with plans to incorporate the company’s Syslog and CatTools products into its own Orion platform.

“We saw a number of similarities in the products and communities of Kiwi Enterprises and SolarWinds, and expect this acquisition to generate immediate benefit, not only to our respective customer bases, but to the IT community at large,” said Michael S. Bennett, chairman and CEO, SolarWinds. “SolarWinds is committed to delivering deep value to network engineers by addressing their everyday pain, simply and affordably.”

SolarWinds will add the Kiwi products, specifically Kiwi Syslog Server and Kiwi CatTools, to its popular line-up of tools for network engineers. In addition, SolarWinds also expects to use the other software products that it purchased to expand its free tool offerings.


For more details do check the press release from Solar Winds.


Aug 20 2008   6:22AM GMT

What is service timestamps logging, and how can it be configured on a Cisco switch or router?



Posted by: Yasir Irfan
Switches, Cisco, Cisco 2950, Cisco 6500, Cisco 3745, Syslog, IOS commands, Router Troubleshooting, Service timestamp

Logging is an essential part of a secure network configuration. It not only helps network administrators identify issues while troubleshooting, but also enables them to react to intrusion attempts or denial-of-service attacks.

By default on Cisco IOS, no timestamp information is included; however, you can enable timestamps and also modify the format of the timestamp attached to syslog messages by using the service timestamps log global configuration command, as follows:

ITKE(config)# service timestamps log {uptime | datetime [msec] [localtime] [show-timezone]}

I will demonstrate how to configure a Cisco IOS switch to log the datetime and localtime.

Before configuring service timestamps log, you will get the following logs on an IOS switch.

ITKE#sho log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.

    Console logging: level debugging, 453895 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level debugging, 453895 messages logged, xml disabled,
                     filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    File logging: disabled
    Persistent logging: disabled
    Trap logging: level informational, 453898 message lines logged
        Logging to 10.0.0.2  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              453898 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled
        Logging to 10.0.0.1  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              453898 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled

Log Buffer (4096 bytes):
17w5d: %LINK-3-UPDOWN: Interface GigabitEthernet0/41, changed state to down
17w5d: %LINK-3-UPDOWN: Interface GigabitEthernet0/41, changed state to up
17w5d: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/41, changed state to up
17w5d: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.6(49336) -> 0.0.0.0(23), 1 packet

Now we will configure the Cisco IOS switch to timestamp log messages with the date and local time of the switch by issuing the following command from global configuration mode.

ITKE(config)#service timestamps log datetime localtime

Here is the show log output on the switch after configuring the service timestamps log command:

ITKE#sho log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.

    Console logging: level debugging, 454006 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level debugging, 454006 messages logged, xml disabled,
                     filtering disabled
    Exception Logging: size (4096 bytes)
    Count and timestamp logging messages: disabled
    File logging: disabled
    Persistent logging: disabled
    Trap logging: level informational, 454009 message lines logged
        Logging to 10.0.0.2  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              454009 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled
        Logging to 10.0.0.1  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link up),
              454009 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled

Log Buffer (4096 bytes):
Aug 20 09:10:48: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed state to up
Aug 20 09:10:49: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/13, changed state to up
Aug 20 09:10:55: %SYS-5-CONFIG_I: Configured from console by yasir on vty2 (10.0.0.6)
Aug 20 09:11:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/13, changed state to down
Aug 20 09:11:20: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed state to down
Aug 20 09:11:22: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.1(44420) -> 0.0.0.0(23), 1 packet
Aug 20 09:11:23: %LINK-3-UPDOWN: Interface GigabitEthernet0/13, changed state to up
Aug 20 09:11:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/13, changed state to up
Aug 20 09:11:37: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.6(49493) -> 0.0.0.0(23), 1 packet
ITKE#
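
An added example, not part of the original post: a small Python parser run over lines from the two log buffers above. It shows why the datetime format matters once logs are collected centrally: an uptime stamp such as 17w5d cannot be placed on a wall clock, while a datetime stamp can as soon as the collector supplies the year. The uptime pattern and the year 2008 (taken from the post date) are assumptions.

```python
import re
from datetime import datetime

# Constructed sample: four lines copied from the two log buffers on this page.
SAMPLE = """\
17w5d: %LINK-3-UPDOWN: Interface GigabitEthernet0/41, changed state to down
17w5d: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.6(49336) -> 0.0.0.0(23), 1 packet
Aug 20 09:10:55: %SYS-5-CONFIG_I: Configured from console by yasir on vty2 (10.0.0.6)
Aug 20 09:11:22: %SEC-6-IPACCESSLOGP: list 102 permitted tcp 10.0.0.1(44420) -> 0.0.0.0(23), 1 packet
"""

# "<timestamp>: %FACILITY-SEVERITY-MNEMONIC: text"
LINE = re.compile(r"^(?P<ts>.+?): %(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])"
                  r"-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)$")
# Assumed uptime shapes: unit-suffixed ("17w5d") or hh:mm:ss since boot.
UPTIME = re.compile(r"^(?:(?:\d+[ywdhms])+|\d+:\d{2}:\d{2})$")
ACL = re.compile(r"list (\S+) (permitted|denied) (\w+) "
                 r"([\d.]+)\((\d+)\) -> ([\d.]+)\((\d+)\)")

def parse_line(line, year):
    """Parse one IOS log line; return None for anything that is not a message."""
    m = LINE.match(line.strip())
    if not m:
        return None
    rec = {"facility": m["facility"], "severity": int(m["severity"]),
           "mnemonic": m["mnemonic"], "text": m["text"], "when": None}
    if UPTIME.match(m["ts"]):
        rec["ts_kind"] = "uptime"  # relative to boot: no wall-clock time
    else:
        try:  # the datetime format has no year, so the caller supplies it
            rec["when"] = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            rec["ts_kind"] = "datetime"
        except ValueError:
            rec["ts_kind"] = "unknown"
    acl = ACL.search(rec["text"])
    if acl:
        rec["acl"] = {"list": acl[1], "action": acl[2], "proto": acl[3], "src": acl[4],
                      "sport": int(acl[5]), "dst": acl[6], "dport": int(acl[7])}
    return rec

def parse_buffer(text, year):
    """Parse every message line in a pasted 'show log' buffer."""
    parsed = (parse_line(line, year) for line in text.splitlines())
    return [rec for rec in parsed if rec is not None]

def uncorrelatable(records):
    """Messages that cannot be placed on a timeline with other devices' logs."""
    return [rec for rec in records if rec["when"] is None]
```

Calling parse_buffer(SAMPLE, 2008) and passing the result to uncorrelatable() returns the two 17w5d messages, including the ACL 102 permit to TCP port 23, which is the kind of event you would want to line up against other sources.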