I would like to configure Syslog to save the log in a seperate file every day. Is that doable or is this is a paid version feature only, not sure, please advise.
Thanks,
↧
Kiwi syslog individual log file daily
↧
9.5 Stat. about SNMP TRAP forward action ?
Hi
I think that forward stat. action is is counting syslog only and not SNMP TRAP
Will be nice to have counters about that action as well.
↧
↧
Setting Up a Syslog Server
Dear All,
We are planning to setup a syslog server. i.e, move from Orion inbuilt syslog to kiwi syslog.
We are not utilizing orion inbuilt at this point to fullest. Just few devices are configured to send logs to this inbuilt syslog
We have around 5 devices per centers across 60 location (13 Countries)
1) 2 Routers
2) 1 Bandwidth Shaper
3) 2 Switch Stacks
4) 1 WLC with 10 APs minimum
Total=250 Devices.
I would like to what is the best approach.
1) How many syslog license i should be looking at?
2) What kind of server configuration is required ?
3) We need a log retention policy of 15 days. Should I consider to setup a DB to for log storage?
4) Can the Orion inbuilt syslog write messages to external DB storage
↧
How to backup Kiwi Syslog Server?
Dear all,
I would like to know how to backup a Kiwi Syslog Server. We are installing this in VM, but the environment only has NetBackup.
I know that I can export the data out as log file for backup, but how about backup when log are still in the Kiwi Syslog Server database?
I am not able to find any reference in the Admin guide.
Best Regards,
Rayson Wong
↧
Sending events from Cisco 3750 switch
Hello,
I am trying to send events from a Cisco 3750 switch to our Kiwi syslog server but am unsure of the config for the switch.
Should the following work:
Switch (config) # logging on
Switch (config) # logging Syslog Server IP
Switch (config) # logging trap error
This command will send (Error 3) events (0-3) to the Kiwi server via UDP514. Is this the supported method of transfer?
Should this work or is there a "Supported" switch configuration that I should be using.
Thank you,
Chris
↧
↧
Can't start Kiwi Syslog Service - Logon Failure
After installing the permanent license for Kiwi Syslog server the Syslog service will not start. It started without problems when running as the trial version. No errors appear in the Kiwi Syslog error log, but the Windows event viewer shows the following error: The Kiwi Syslog Server service failed to start due to the following error: The service did not start due to a logon failure. I can't find anything in the Kiwi Syslog documentation about having to login. The OS is Windows 2008 R2. I am starting the Syslog service from Service Manager > Manage, and Service Manager was Run As Administrator. Is this a known problem? Thanks, Glenn
↧
Kiwi Syslog not capturing syslogs
Installed Kiwi Syslog Free version 9.3.4 on Windows Server 2008 R2. Trying to capture syslog from a Cisco ASA 5510. I have confirmed that the syslog events are hitting the server with Wireshark. Nothing is coming through to Kiwi Syslog. Current settings are all default. No filters in place. Not sure what is wrong as I can see the syslog messages coming through Wireshark. Any ideas as to why the syslog messages are not being seen by Kiwi?
↧
How to Split Log Files by IP Address and Date in Kiwi Syslog Server
SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple files by IP address and date in Kiwi Syslog Server. Specifically, this syslog server tutorial shows how to store logs in separate folders for each source IP address, and then shows how to keep separate log files for each day within those folders. (e.g., "D:\logs\192.168.000.001\Log2012-07-13.txt")
External link to Jing: autosplit - justinfinley's library
Video Guide:
- 0:00 Opening Kiwi Syslog's configuration dialog
- 0:15 Using an "AutoSplit" variable of "IP Address (4 octets)" (%IPAdd4) in the log path to split logs by IP address
- 0:40 Using an "AutoSplit" variable of "ISO Date" (%DateISO) in the log path to split logs by date
Remember to "LIKE" this if you find it useful - that helps other find it too!
↧
Kiwi Syslog Server Log Questions.
Hi Guys,
I am totally new with Kiwi Syslog software and I've been assigned to assist with the installation of the software on a Windows Environment on our customer site. However I need some answers to these questions below. I can't seem to find them online.
Appreciate the help given.
1. What is the maximum event per second that syslog server can handle ?
2. What is the maximum size for the database to keep the log ? Can it use enterprise database such as mssql ?
↧
↧
How to detect clients that stop sending Syslog messages to the server
How do you detect specific clients that have not sent syslog messages to the server in a specified amount of time?
↧
Kiwi syslog server (free version) not logging incoming traffic
I've set up the Kiwi Syslog server as a service, but nothing shows in the Server Console / Service Manager. I've verified using wireshark that syslog messages are being sent to the workstation running the Kiwi server using UDP port 514, the server is listening on that port and there is no firewall enabled. Anyone know what I'm missing?
↧
Unable to bind secure TCP listener to port 6514 There might be a problem with the certificate provided
I set up Secure TCP port 6514 in in Kiwi Syslog Server version 9.5.0.332.
I'm getting the following error :
Unable to bind secure TCP listener to port 6514 There might be a problem with the certificate provided
I'm using a self-signed certificate that I created in IIS.
Why doesn't the error message tell exactly what is wrong with the certificate?
Could somebody suggest a solution or a workaround?
Thanks!
↧
Mail error: SMTP protocol error. 504 5.7.4 Unrecognized authentication type
I'm having trouble configuring email alerts. I'm trying to send alerts to my Office 365 email address. Can someone see if I've input one of these settings incorrectly? I'm using my full Office 365 email for each of the blacked out sections in the screen shot below. For "SMTP Password," I'm using my Office 365 password.
↧
↧
LOG FORWARDER 2012 server DOES NOT FORWARD EVENTS
We are using windows Server 2012 Standard version for Windows log forwarder but logs are not coming on Kiwi Syslog Server 9.6
↧
Sending events from Cisco 3750 switch
Hello,
I am trying to send events from a Cisco 3750 switch to our Kiwi syslog server but am unsure of the config for the switch.
Should the following work:
Switch (config) # logging on
Switch (config) # logging Syslog Server IP
Switch (config) # logging trap error
This command will send (Error 3) events (0-3) to the Kiwi server via UDP514. Is this the supported method of transfer?
Should this work or is there a "Supported" switch configuration that I should be using.
Thank you,
Chris
↧
log forwarder and dhcp auditing?
I am needing to forward all of our DHCP audits to the syslog, however I cannot figure out how to do that with the Log Forwarder. Which source do I use in the Event Viewer? The audit is logged to a file. Is there any way to forward changes to files?
↧
Syslog configure to pull Exchange server message tracaking log
looking for a guide to configure syslog server with Exchange server to pull exchange message tracking logs into syslog server.
↧
↧
SSL support for Kiwi Syslog server
Hi All,
Few months back we bought Kiwi Syslog Server license version because of the SSL feature only. I enabled the option Secured TCP option. But unfortunately it is unable to bind the port itself.
It says "invalid certificate provided". We use the same SSL certificate for other products with no issues. If use the same port for TCP or UDP only then it is working fine. I could not find what is the exact issue.
I contacted the SolarWinds customer portal few months back. They are not able tell what is exactly going on. Can you some one help me in fixing the problem?
Regards,
Abdun
↧
Event Log Forwarder - Where is the Audit Failure Type?
Hi There,
I'm trialing Kiwi Syslog and I'm having trouble with the Log Forwarder and Security Event Log. When I click on the Security Log I don't see Audit Success or Audit Failure as an event type. It just has Error, Warning and Information. If I manually edit the CFG file and add <int>16</int> it works, but then it gets overwritten if I make a change. Am I doing something wrong? How can I see Audit Failure as an Event Type?
Thanks,
↧
sys log server errors "FormatMessage failed with 1815" help please!!
Good day Community,
I am experiencing an urgent issue. The sys log server forwarder is forwarding the following message to the KIWI sys log server. The actual security logs are showing the correct information, however the message below is being showed. I thought it was the server, but wen I added another sever to forward security logs, I am getting the same message as shown below.
Can anyone who have encountered this message or know how to resolve this issue. The security logs are on the server and I can view them using event viewer properly and audit logs are reflecting fine.
I would really appreciate your humble assistance or comments.
Apr 08 14:36:34 CASSIOPEIA1.carimed.local MSWinEventLog 5 Security 495 Wed Apr 08 14:36:33 2015
4624 Microsoft-Windows-Security-Auditing N/A Audit Success CASSIOPEIA1.carimed.local 12544
The description for Event ID 4624 from source Microsoft-Windows-Security-Auditing cannot be
found. Either the component that raises this event is not installed on your local computer or
the installation is corrupted. You can install or repair the component on the local computer.If
the event originated on another computer, the display information had to be saved with the
event.The following information was included with the event: S-1-0-0. FormatMessage failed with
error 1815, The specified resource language ID cannot be found in the image file.
↧