Dear All,
I want to create filter in syslog server to view the windows logon and logoff (event logs).
Please help me to create the filter.
↧
How to create filter in kiwi syslog web access to filter only windows logon events
↧
Kiwi Syslog 9.5 Release Candidate is now Available!
The Release Candidate for Kiwi Syslog Server 9.5 is now ready! The new Kiwi Syslog version is packed with great new features and improvements. RC is the last step before general availability, and it is a chance for existing customers to get the newest functionality before it is available to everyone else. You can download it from the LATEST DOWNLOADS FOR YOUR PRODUCTS section of the customer portal. Change filter to "Release Candidate" and click on download button next to Kiwi Syslog RC version.
This release contains various improvements such as
- SNMP v3 Trap support
- SNMP Trap Forwarding
- Trap fields to VarBinds Elements in Output
- Logging to Papertrail cloud
- IPv6 Support
- Statistics email reports based on different interval
- Ability to create more than five web console users
RC builds are made available to existing customers prior to the formal release. These are used to get customer feedback in production environments and are fully supported. If you have any questions I encourage you to leverage the KSS forum on thwack.
Now go and download new version now!
↧
↧
Configuration Syslog
Hello Dear!
I configured in some Nobreaks UPS the Syslog. I have the feature Kiwi Syslog Server for monitoring.
But when nobreak send a Week tests, the following error are displayed:
| 05/25/2015 | 22:58:48 | UPS: Restored the local network management interface-to-UPS communication. |
| 05/25/2015 | 22:58:33 | System: Network service started. IPv6 address FE80::2C0:B7FF:FE96:4BAD assigned by link-local autoconfiguration. |
| 05/25/2015 | 22:58:30 | System: Network service started. System IP is 192.168.42.143 from manually configured settings. |
| 05/25/2015 | 22:58:24 | System: Network Interface restarted. |
| 05/25/2015 | 22:58:30 | System: Network service started. System IP is 192.168.42.143 from manually configured settings. |
| 05/25/2015 | 22:58:24 | System: Network Interface restarted. |
| 05/25/2015 | 22:58:13 | System: Network service information. Detected duplicate IP address on D4 3D 7E 0A DD 49. |
This problem just occurs on the nobreaks with the VLAN: 42. The others are working normally.
Can You help me?
Thank You in advance!
Regards Andre
↧
Monitor Cisco Firewall and Router "Bad Password" Attempt Failures
I am setting up Cisco Routers and assorted firewall with Kiwi to listen and alert on Bad Passwords with little success. I have also allowed SNMP. Has anyone have success with doing this and have any examples of the Cisco devices. We are using an assorted number of Cisco Routers, Switches, ASA firewalls, and VPN 3000 series gear.
logging trap errors
logging source-interface Ethernet0/0
logging 172.16.7.57
snmp-server community readmib RO
snmp-server enable traps snmp
snmp-server enable traps syslog
snmp-server host 172.16.7.57 traps writemib
!
↧
Please Help ME out in this Problem. Stop Receiving Logs in MY KIWI after few days !!!!
Hi,
i install KIWI Syslogs EVAL version in Windows XP and make my mail server send the logs to the KIWI server through as switch. Yes it work Perfectly and it receiving the logs from the mail server ((( but )) after Few days (3days) is is stop receiving logs from server ??? the server run and it is logs screen work in the server side, not a problem of the server. i only restert my PC and again it work fine by receiving logs but again after few days it stop receiving logs and again i restart the PC and it work fine, i can't restart a every time.
this a diagram for my network
please Help me out in this problem !
regards
↧
↧
Free Kiwi syslog server - on install shows "Evaluation Expired" on Web access screen
I downloaded the the Free Kiwi syslog server ver 9.2.1, installed it on a Windows 2008 R2 64 bit server. The Kiwi Sysog Web access screen shows "Evaluation Expired" on the top right after the install. I thought it was free product!
I see alerts showing up on Kiwi Syslog Service Manager, but not on the Kiwi Syslog Web access.
Does anyone know if the Kiwi Sysog Web access screen is not showing because of the "Evaluation Expired" sign on the top right? If so, can someone give me some ideas to fix it.
Thanks !
↧
Kiwi syslog server external DB
Hello,
my kiwi web access database is 4gb great. And i have some timeout errors executing filters.
I am trying to use an external MSSQL DB with kiwi syslog server.
Is possible for Web access to use this external DB?
Thanks
↧
Kiwi Syslog Server 9.4 Free Collecting SNMP from GNS3 Cloud
This is probably me being silly.
I have defined a cloud MS loopback from GNS3 emulated router. Wireshark can see the packet. If I replace Kiwi with a quick VB programme it can see the record but I can not get Kiwi to display the record.
Regards Conwyn
Waiting for broadcast
Received broadcast from 10.10.10.1:65347 :
0j☻☺ ♦♠public?]♠ +♠☺♦☺ +☻@♦
☺☻☺♠☻☺☺C♥6"[0?0‼♠♫+♠☺♦☺ +☺☺♠☺♥‼☻☺☺0‼♠♫+♠☺♦☺ +☺☺♠☺♦‼☻☺☻0‼♠♫+♠
☺♦☺ +☺☺♠☺♣‼☻☺♥
Waiting for broadcast
Here is Kiwi
↧
Kiwi Syslog Server 9.4.1 - Active Directory Settings
Has anyone configured Active Directory Settings in Kiwi Syslog Server 9.4.1? Below are the available Active Directory Settings available in the Web Access interface under the Admin Tab.
- Domain URL: <Free Form Box> My domain prepopulated correctly.
- Authentication Type: <Free Form Box>. Is this supposed to be NTLM, Kerberos, etc?
- User Groups: <Free Form Box> Does the format need to be LDAP based?
↧
↧
Kiwi syslog - 2011-03-18 10:54:01Licensed action was found in settings and disabled.
Kiwi syslog stopped collecting information. The view error log button is red and blinking. When i click to view the log
is see the below message repeating itself:
2011-03-18 10:54:01 Licensed action was found in settings and disabled.
2011-03-18 10:54:01 Licensed action was found in settings and disabled.
2011-03-18 13:37:56 Licensed action was found in settings and disabled.
2011-03-18 13:37:57 Licensed action was found in settings and disabled.
2011-03-18 13:37:57 Licensed action was found in settings and disabled.
↧
Kiwi Syslog not displaying Cisco ASA 5505 syslogs
I have a Cisco ASA 5505 that is setup to send syslogs to a remote syslog server.
I have kiwi syslog (free) installed on a Windows 2003 R2 Server and it is listening on UDP port 514. The syslog server also is my Ciscoworks v3.2 server.
I can ONLY see the Ciscoworks log files and not the ASA. I only want to display the ASA log files.
I have googled, read the user guide, and search the forum and cannot find any procedure that I can tweak Kiwi to log the syslog files from my ASA which is being used as a VPN concentrator.
Any ideas?
↧
log forwarder and dhcp auditing?
I am needing to forward all of our DHCP audits to the syslog, however I cannot figure out how to do that with the Log Forwarder. Which source do I use in the Event Viewer? The audit is logged to a file. Is there any way to forward changes to files?
↧
.NET 3.5 install required, why?
During the install for Syslog 9.3.4, I am prompted to install .NET 3.5. However, we do not install the Kiwi Syslog Web interface, so why must we install .NET? This install forces IIS to be installed, which we do not want running and do not need!
↧
↧
Event ID monitoring
Hello Thwack Community,
I am trying to set up some event log monitoring/alerting with Kiwi and I'm running into some issues.
The plan is to setup some east filter/actions to watch for certain event ID’s and then email when they are triggered.
Currently I am testing my setup using the Log Forwarder test alerts and am filtering for “MSWinEventLog 3”
Here is a copy of my filter.
However, when I trigger the test alert from the Log Forwarder, I can see where it hits the Kiwi system, it is logged. But no alerts are sent out, no email is generated in the queue. Nothing. Not sure what I am doing wrong. But any help would be appreciated.
↧
Kiwi Syslog rules with time interval
Hello All,
I have created a rule where Kiwi will search for a message within the logs, and email me when this message is found. We have over 100 devices logging to our Kiwi, so this rule does get fired often. I would like to set a time interval filter, so that we will be emailed when the rule is true, but only once every 30 minutes. This part seems easy enough, but I only want the time interval filter applied per host.
i.e.: The rule is fired by a log from Host1. The time interval will stop sending emails for 30 minutes for this host. The rule will continue sending emails though, if other hosts send the same message.
It this possible??
Thanks!
Paul
↧
Xceedzip.dll and Security vulnerability
I use Secunia PSI: http://secunia.com/vulnerability_scanning/personal/
to keep my system up to date with security patches and it has identified xceedzip.dll as vulnerable.
I believe that Kiwi Syslog uses this DLL.
As this is a Security issue can you please advise me if you will be able to replace just the DLL with one that resolves the issue?
This is the output from Secunia PSI:
Xceed Zip Compression Library 6.x 1 Insecure 6.0.6221.0 6.5.10316.0 Install Solution
Detected Instances:
C:\Windows\SysWOW64\XceedZip.dll, version 6.0.6221.0
Latest Version - patching one or more vulnerabilities:
6.5.10316.0
I notice in other posts v6.5.9562.0 was made available but this still contains the vulnerability.
↧
Maximum number of TCP connections has been reached. Not accepting connection.
KiWi Syslogd error: Maximum number of TCP connections has been reached. Not accepting connection.
Why? Thanks..
↧
↧
syslog upgrade from 9.0
Hello, I have Kiwi Syslog version 9.0.
What upgrade path must I follow to get to the latest.
Thanks
E
↧
Event Log Forwarder - Where is the Audit Failure Type?
Hi There,
I'm trialing Kiwi Syslog and I'm having trouble with the Log Forwarder and Security Event Log. When I click on the Security Log I don't see Audit Success or Audit Failure as an event type. It just has Error, Warning and Information. If I manually edit the CFG file and add <int>16</int> it works, but then it gets overwritten if I make a change. Am I doing something wrong? How can I see Audit Failure as an Event Type?
Thanks,
↧
Administrator Password Missed; Other way to login
Hi,
I have recently been handed over Kiwi Syslog server to manage which has both Fat Client and Web Server. Fat Client is directly logged in however Web console could not be logged in. When I checked regarding the password of "Administrator", I have been informed that resource handling it has left long ago and there is no one to tell.
Is there a way we can reset the password of Administrator or create a new user from Syslog Fat Client. I cant raise the request with Support as we do not have active maintanence.
Thanks,
Syed
↧