Log files which KIWI Syslog generate is in text format. Is it possible to encrypte this file or change the format of log files some how?
↧
Security of log files
↧
Multiple Web access accounts
Is it possible to have multiple web access accounts for Kiwi syslog?
↧
↧
Kiwi Syslog 9.3.2 is now Generally Available
Kiwi Syslog 9.3.2 is now Generally Available.
For customer with active maintenance, you should see it in your portal.
Here are the changes in this release:
Adds-
- Support for Displays extended from 10 to 25 displays
- Extended to support sending of secure emails via SMTP over SSL/TLS
Fixes –
- Fixed Scheduled Archive: Not working as per Files age selected.
- Fixed Web Access - Add/Delete filter causing - Status Code: 500 Error.
- Application is sometimes unresponsive at start up for couple of minutes.
- Increased max size set to 1000 to prevent “MailMaxMessageSend" errors.
If you need a copy of the latest documentation, let me know, we will be getting that on to the website KiwiSyslog.com soon.
Brandon
↧
Syslog message
Which method should be used to calculate a Syslog message priority?
↧
Does Kiwi Syslog server 9.4 support SNMP v3?
Does Kiwi Syslog server 9.4 support SNMP v3?
↧
↧
Kiwi Syslog Server Setup Window is Blank
The program was originally setup before I started working here. Recently I was asked to have some data emailed to the IT here, well I opened up the interface, and the Kiwi Syslog Server Setup window is blank, except for the menu items at the top and the buttons at the bottom right.
After some searching around on google, I figured out that the interface was missing a lot of stuff.
Besides the setup interface being blank, the server functions and is performing email tasks that were previously setup.
Any suggestions on resolving this issue?
Kiwi Syslog Server V9.2 licensed, maintenance has expired
Windows 7 Pro 64 Bit
↧
Trying to filter link up or down trap messages on a switch...
I am trying to filter out messages on a filter I have. I have a filter for a specific ip address range but I need to also filter out "link down trap" and "link up trap". I receive these messages anytime a port on the switch is active and inactive. Any thoughts??
Thanks
↧
Can SolarWinds Log forwarder be use to parse and forward Radius logs
Hi,
I have a Windows NPS server, and I need to be able to forward the logs to a syslog server. Would Solarwinds log forwarder be able to do this?
Thank you
↧
Kiwi Syslog Server High CPU Utilization - Messages Seem to be behind
The CPU on my Kiwi Syslog Server is Pegged. Here is the Diagnostic info file from the server.
Kiwi Syslog Server [Registered] Version 9.0.3
/// Kiwi Syslog Server Statistics ///
---------------------------------------------------
24 hour period ending on: Wed, 08 Sep 2010 14:44:34
Syslog Server started on: Wed, 08 Sep 2010 13:37:39
Syslog Server uptime: 1 hour, 7 minutes
---------------------------------------------------
+ Messages received - Total: 1098753
+ Messages received - Last 24 hours: 1098753
+ Messages received - Since Midnight: 1098753
+ Messages received - Last hour: 996804
+ Message queue overflow - Last hour: 416654
+ Messages received - This hour: 101949
+ Message queue overflow - This hour: 12336
+ Messages per hour - Average: 996804
+ Messages forwarded: 769810
+ Messages logged to disk: 1194581
+ Errors - Logging to disk: 0
+ Errors - Invalid priority tag: 0
+ Errors - No priority tag: 2
+ Errors - Oversize message: 309
+ Disk space remaining on drive E: 41554 MB
Breakdown of Syslog messages by severity
+--------------------+------------+------------+
| Message Level | Messages | Percentage |
+--------------------+------------+------------+
| 0 - Emerg | 0 | 0.00% |
| 1 - Alert | 2753 | 0.25% |
| 2 - Critical | 496 | 0.05% |
| 3 - Error | 5745 | 0.52% |
| 4 - Warning | 103603 | 9.43% |
| 5 - Notice | 42938 | 3.91% |
| 6 - Info | 775902 | 70.62% |
| 7 - Debug | 167316 | 15.23% |
+--------------------+------------+------------+
Custom statistics
-----------------
CustomStats01: 0
CustomStats02: 0
CustomStats03: 0
CustomStats04: 0
CustomStats05: 0
CustomStats06: 0
CustomStats07: 0
CustomStats08: 0
CustomStats09: 0
CustomStats10: 0
CustomStats11: 0
CustomStats12: 0
CustomStats13: 0
CustomStats14: 0
CustomStats15: 0
CustomStats16: 0
End of Report.
DNS Cache size 20000
DNS Cache entries 2
Entries in queue 0
DNS Cache hits 0
DNS Cache misses 0
DNS Cache TTL 1440 minutes
Total DNS Lookups 0
Successful cache hits 0%
IP Address Hostname TTL (minutes)
127.0.0.1 localhost Static
::1 localhost Static
Message Buffer Information
==========================
Message Queue Max Size: 20000
Message Queue overflow: 428990
Message Count: 19932
Message Count Max: 20000
Percentage free: 1
E-mail Buffer Information
==========================
Message Queue Max Size: 1000
Message Queue overflow: 0
Message Count: 0
Message Count Max: 13
Percentage free: 100
↧
↧
Problem with filtering in Kiwi Syslog
I am setting up a kiwi syslog server. Running into a problem with the filtering not working the way I would expect. I have used Kiwi but that was several years ago. I have setup a display for a specific switch and have tried several different filter possibilities but still getting syslog messages on the display that dont belong to the switch I am trying to watch.
I have tried a ip address - simple filter with the ip address of the switch "10.1.1.2". On the cisco switch, I have used the command logging source-interface vlan 254 which should send out the syslog messages using the ip address in the simple filter I setup. I have also tried the hostname option with the hostname of the switch "Switch1" but same problem.
It has got to be something simple but so far I havent found the problem. Since this is the free version, I know I cant call Solar Winds support.
Any suggestions are appreciated.
Ron
↧
KIWI SYSLOG lost its license & will not run after win 2k8r2 fixes update
Case #727763
Hello:
i need some help
After the server kiwi syslog server was updated for new MS security fixes. The kiwi syslog s/w lost it’s license.
When I tried to reinstall the license , we get another error telling us that “ we do not have enough privileges to active a license”
we are running a full system user that has full privileges
we then uninstall the kiwi syslog sw.
reboot the win 2008 R2 server
we than try to install “ Kiwi_Syslog_Server_9.3.4.setup” with web server click on
we get another error “the error code is 2869”
we then uninstall the kiwi syslog sw.
reboot the win 2008 R2 server
we than try to install “ Kiwi_Syslog_Server_9.3.4.setup” without web server clicks
we get another error telling us that “ we do not have enough privileges to active a license”
THE FOLLOWING INTERNAL PROGRAM ERROR HAS OCCURRED:
even though the version is 9.3.4 this error shows 9.3.3
Standard Version 9.3.4
Error Number: -2146233088
Description: Automation error
Module Name: License.cls
Procedure Name: Class_Initialize
Line Number: 50
Date and time: 04/12/2014 9:26:21 PM
i tried run v 9.4.1 it starts and then it ends
↧
SNMP Traps
My Kiwi syslog server will only receive snmp traps if I have both 'SNMP Traps' and 'UDP syslog' inputs selected. When the messages are received, they are not being translated which makes me think they are not going through the 'SNMP Trap' input and only being processed by the UDP input. The MIB database has the correct MIBs loaded for the messages being sent.
I have no filters running on the rule and the network device is configured correctly. What am I missing?
↧
Log Forwarder for Windows (available to all Kiwi customers on maint)
What it does:
Log Forwarder for Windows allows you to forward Windows events as Syslog to your Kiwi Syslog Server
- Works on Windows XP, 2003, Vista, and 2008 (32-bit or 64-bit)
- Provides .MSI version for silent installs, allowing use with remote software distribution systems (e.g., Microsoft SMS)
- Enables definition of filters that describe which events are forwarded
How to get it:
If you download the Kiwi Syslog Server 9.0 from your customer portal, you will see there is an additional Log Forwarder executable included with your download. The Log Forwarder for Windows was developed by the Kiwi Syslog team. It is available at no cost to Kiwi Syslog customers current on maintenance.
Try it out and let us know what you think!
↧
↧
How to load-balance Kiwi Syslog servers
I've got a set of 3 Kiwi servers sitting behind an F5, which I *thought* would effectively load balance the incoming syslog volume (I'm seeing around 5-8million messages per hour, and we haven't really turned everything on yet).
The problem, I just discovered, is that F5 load balances based on connections, not messages/packets. So round robin isn't round robin since most of my sending systems are passing new messages (and therefore creating a connection) more than even the lowest "disconnect after" option on the F5 (which is 1 second).
So my first server is maxing out at about 5million MPH and 0% buffer, while server 02 gets 2million messages and 80% buffer, and server 03 gets barely anything at all.
Has anyone else tried this, and have you found a work around (it doesn't have to be an F5. I just need the ability to create a pool of Kiwi servers and have all the systems in my enterprise sending to ONE ip address.
Thanks!
- Leon
↧
Adding devices to the Kiwi Syslog free version
Prior to receiving syslogs from the 5 devices (this is the limit in the free version) they will need to added under Setup\Inputs section. See below:
↧
Install Woes
Team,
My company purchased the full version of Kiwi Syslog Server and we started by uninstalling the free version. Once we started the install process, the process hung, then died. This happened after reboots as well. Looking at the processes, it appears the installer begins, copies some files into a temp directory, and starts a file called SWMaintDateCheck.exe. After some time, both processes die and the installation never continues. There is no error message, no log file (that I can find), and no other indicator.
Any suggestions?
Ray
↧
Kiwi Syslog Web Access Filter Wildcard?
My question is - in creating a Kiwi (v9.0.3) Syslog Web Access filter to filter on a certain string within the Syslog message text, is there a wildcard character that I can use? Thanks for any help! bp
↧
↧
Kiwi Syslog Server Log Location won't change.
Hey all,
I have recently taken over a sys admin position, and am required to move the location of the Kiwi Syslog Server logs to another file location. I have never used it prior. However, I can't seem to move the file.
Kiwi Syslog Server 9.2.1 (Free version.)
Windows Server 2003 SP2 (WORKGROUP)(VM)
Current configuration:
Log to Log File
Path and file name: C:\Program Files\Syslogd\Logs\SyslogCatchAll.txt
If I test the configuration, I can see the test messages in the location noted about. However, after I apply the settings, the older location (a CIFS share) continues to receive the actual syslogs of the devices we monitor.
There are three local users, all of which show the same configuration.
I have tried deleting and recreating the Log to Log File rule. No change.
I have tried starting and stopping the service. No change.
I have tried exporting the system settings, and then reimporting them. No change.
I have tried searching the registery for the old location. Nothing found.
I have two theories.
1. The settings are locked for some reason.
2. The settings are stored somewhere else.
Any help would be great.
Thanks,
Aaron
Solarwinds Padawan
↧
Security of log files
Log files which KIWI Syslog generate is in text format. Is it possible to encrypte this file or change the format of log files some how?
↧
Kiwi - Palo Alto User ID agent
I have written a perl script to take data from Kiwi, parse out some information and pass it into our Palo Alto UserID agent. It runs fine when I pass the message in on the command line but when I have kiwi run it (so to pull the data from kiwi) it fails with an error:
Error Info: invalid charater on line 1
My script looks like this:
sub Main() {
use PAN::API;
$string = Fields.VarCleanMessageText;
$SERVER = '127.0.0.1';
#Extract user and IP from string
if ($string =~ /(\w+)([.+]|(\s))(\w+)(\s|\+|.)(\d+\.\d+\.\d+\.\d+)/) {
$delim = ($3 eq "+") ? " " : $3;
$username = "$1\\$2$delim$5";
$ip_address = $7;
}
print "$username : $ip_address \n";
# Create User ID API connection
$uid=PAN::API::UID->new($SERVER);
#Post data to agent
$uid->add('login',$name,$address);
$uid->submit();
return "OK"; #return value for Kiwi
}
Thanks for any guidance.
Kevin
↧