Windows PowerShell is the newest scripting language from Microsoft and leverages the .Net language to provide unparalleled functionality. It would be extremely useful if KIWI Syslog Server would support the ability to write the parsing scripts in PowerShell.
Feature Request: Add PowerShell language to scripting support
RFC 5424 support?
Currently Kiwi Syslog Server 9.x release supports syslog based on RFC 3164. Are there any plans to add support for RFC 5424 in a future release?
Thank you,
David
How to Split Log Files by IP Address and Date in Kiwi Syslog Server
SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple files by IP address and date in Kiwi Syslog Server. Specifically, this syslog server tutorial shows how to store logs in separate folders for each source IP address, and then shows how to keep separate log files for each day within those folders. (e.g., "D:\logs\192.168.000.001\Log2012-07-13.txt")
External link to Jing: autosplit - justinfinley's library
Video Guide:
- 0:00 Opening Kiwi Syslog's configuration dialog
- 0:15 Using an "AutoSplit" variable of "IP Address (4 octets)" (%IPAdd4) in the log path to split logs by IP address
- 0:40 Using an "AutoSplit" variable of "ISO Date" (%DateISO) in the log path to split logs by date
Remember to "LIKE" this if you find it useful - that helps others find it too!
gateway.aspx not in /html/ folder
Hello,
Second installation here. First we had the trial version and did not upgrade for several months, since then two new versions of Kiwi Syslog have come out so I just removed our old installation in order to start fresh with a Licensed copy.
Out of the box I had trouble getting the UltiDev Cassini Web Server to install using the "Kiwi_Syslog_Server_9.3.4.setup" file, so I had to install it manually outside of the installer application in hopes that that would solve the issue, but it does not. The setup application still says I do not have the UltiDev web server installed, but it is installed and I see that http://*.8080 is listed, and the Path to the folder is correct however gateway.aspx is not inside which is giving me the following error:
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /
Not sure where to look from this point. Any ideas?
Thanks in advance!
Mike
Syslog Server Free Version
How large will the syslog log get if using the free version of Kiwi Syslog Server? Also, is there any way to change this setting? Thanks!
Kiwi Syslog rules with time interval
Hello All,
I have created a rule where Kiwi will search for a message within the logs, and email me when this message is found. We have over 100 devices logging to our Kiwi, so this rule does get fired often. I would like to set a time interval filter, so that we will be emailed when the rule is true, but only once every 30 minutes. This part seems easy enough, but I only want the time interval filter applied per host.
i.e.: The rule is fired by a log from Host1. The time interval will stop sending emails for 30 minutes for this host. The rule will continue sending emails though, if other hosts send the same message.
Is this possible??
Thanks!
Paul
Migration problem
I've had to move my syslog server (version 9.2) from a Win2K3 server running SQL 2005 where it worked fine to a Win2k3 server running SQL 2000. The Syslog server is set up to log data to database from my WebFilter to a single SQL table using a script to parse a field (Script attached). The problem after doing the migration is that the script no longer runs or tests properly. I've rebuilt the connection string to the new server, it tests ok, but when I paste the new connection string into the script and test it I get an error message "Error occured while running script file "c:\program files\syslogd\scripts\LogHTTPtoSyslogA.txt Error Info: Expected end of statement on line 7 "
Any thoughts on this would be greatly appreciated...
Thanks..
Kiwi Syslog Server Setup Window is Blank
The program was originally set up before I started working here. Recently I was asked to have some data emailed to the IT here, well I opened up the interface, and the Kiwi Syslog Server Setup window is blank, except for the menu items at the top and the buttons at the bottom right.
After some searching around on Google, I figured out that the interface was missing a lot of stuff.
Besides the setup interface being blank, the server functions and is performing email tasks that were previously set up.
Any suggestions on resolving this issue?
Kiwi Syslog Server V9.2 licensed, maintenance has expired
Windows 7 Pro 64 Bit
How to encrypt syslog from cisco switch or router into Kiwi syslog?
I want to encrypt syslog from Cisco switch or router into Kiwi Syslog.
I read somewhere I can use syslog TLS or SNMP trap v3.
Is that possible using Kiwi Syslog?
Thanks
Administrator Password Missed; Other way to login
Hi,
I have recently been handed over Kiwi Syslog server to manage which has both Fat Client and Web Server. Fat Client is directly logged in however Web console could not be logged in. When I checked regarding the password of "Administrator", I have been informed that resource handling it has left long ago and there is no one to tell.
Is there a way we can reset the password of Administrator or create a new user from Syslog Fat Client? I can't raise the request with Support as we do not have active maintenance.
Thanks,
Syed
Uninstall Syslog service.
Hi,
I'm trying to uninstall the 14 day trial of syslog server (9.4.1) eval. installed on Windows Server 2003.
There is no uninstall service on the management menu drop down, as per the instructions.
"Using the Service Manager, uninstall the service
Use the Manage | Uninstall the Syslogd service menu."
Some help required please.
Simon.
Question about filtering Windows Security Audit Successes.
Hi All!
I have a problem filtering successful security audits from Windows machines in Kiwi.
I have made a priority filter that excludes notices. Also made a message text filter (complex) with sub-string that excludes "Audit Success" and "Success"
However the server console keeps filling up with successful audits. Just installed this yesterday, so this is very new to me, sure I'm overlooking something.
Any suggestions would be very much appreciated! Thanks!
Cisco IPS appliances SDEE support
Dears,
It is noticeable that Kiwi Syslog Server does not support log collection in SDEE format sent by Cisco IPS appliances and modules, like IPS 4270.
CISCO IOS IPS supports sending syslog messages, however Cisco IPS appliances only support sending messages in SDEE format, which makes their collection impossible.
We are wondering if it's in the scope for Kiwi Syslog Server to support SDEE format in its coming versions.
Thanks,
Roland Daccache.
Kiwi Syslog Service Keeps crashing
We have been experiencing an issue with our Kiwi Syslog Service crashing about every other day. We are running version 9 and have a pretty standard setup where we are pushing syslogs from all of our devices in our network. We have quite a bit of stuff logging to our Syslog server and are easily breaching the 200000 maximum message count throughout the day and getting emails. We upped that and seem to be doing better however the syslog service continues to fail and will at times restart itself based off of the services recovery failure to restart the service but this is happening way too often.
Has anyone else seen this problem and if so, what kinds of things did you try/do? Is this box just getting pegged so hard that it's causing the service to malfunction and trip up? I'm not a Windows guy but is this issue even Windows related? The only other application we have running on this server is CatTools and it runs clean with no service issues. The systems team has taken a look at the server and believe this to be related only to the Kiwi application itself.
Next Steps: I'm thinking of removing and rebuilding the Kiwi 9 application from scratch to see if this corrects the issue but wanted some direction from the forum if anyone has any good ideas/suggestions.
Thank you in advance!
After an indeterminate period of time, Kiwi Syslog Web Access gets stuck in timeout
After a period of time, Kiwi Syslog Web Access will timeout and not allow me to log back in. Every time I click on "Click here to log in" it takes me right back to the Timeout page. Restarting the server SOMETIMES fixes it, restarting the browser/clearing cache does not help at all. What is going on?
Kiwi Syslog not displaying Cisco ASA 5505 syslogs
I have a Cisco ASA 5505 that is set up to send syslogs to a remote syslog server.
I have kiwi syslog (free) installed on a Windows 2003 R2 Server and it is listening on UDP port 514. The syslog server also is my Ciscoworks v3.2 server.
I can ONLY see the Ciscoworks log files and not the ASA. I only want to display the ASA log files.
I have googled, read the user guide, and searched the forum and cannot find any procedure that I can tweak Kiwi to log the syslog files from my ASA which is being used as a VPN concentrator.
Any ideas?
Maximum number of TCP connections has been reached. Not accepting connection.
KiWi Syslogd error: Maximum number of TCP connections has been reached. Not accepting connection.
Why? Thanks..
Receive / Filter SNMP traps and forward only traps of interest
Just installed the licensed version based on the SNMP component to do some filtering/forwarding as a temporary work around.
From the product description it looked like this should be possible.
I've searched around the product doco, KB and THWACK but I couldn't find anything specific to receive and forward on specific traps, not all. Is this possible?
There was a similar question part of another thread which went unanswered
I do have NPM and know it's possible there, however the amount of SNMP traps being sent is causing performance degradation on the <other vendors> alarming collector so it was intended to use a Solarwinds/Kiwi tool for the SNMP Trap filtering to help the other servers workload.
An NPM license to do just SNMP trap filtering is a bit of an overkill for a temporary solution whilst the customer modifies all their device configs over the next couple of months.
Thanks
Kiwi Syslog Server v9.4.2 - Service Release is now available
We are pleased to announce the release of Kiwi Syslog Server 9.4.2, which for customers under active maintenance can be accessed and downloaded from the SolarWinds Customer Portal. The primary feature in this service release is formal support for installation on Windows Server 2012R2.
Fixes:
- Added support on Windows Server 2012 R2 systems.
- Kiwi Syslog Service startup issue on Windows 2012 Physical systems has been resolved.
- Kiwi Web Access high CPU usage problem is optimized
- Kiwi Web Access session timeout issue has been resolved.
- Added support to install Kiwi Web Access on FIPS enabled systems.
Installation Procedure:
- Customer can install this Release without any prior activity.
Event Log Forwarder - Where is the Audit Failure Type?
Hi There,
I'm trialing Kiwi Syslog and I'm having trouble with the Log Forwarder and Security Event Log. When I click on the Security Log I don't see Audit Success or Audit Failure as an event type. It just has Error, Warning and Information. If I manually edit the CFG file and add <int>16</int> it works, but then it gets overwritten if I make a change. Am I doing something wrong? How can I see Audit Failure as an Event Type?
Thanks,