Quantcast
Channel: THWACK: Popular Discussions - Kiwi Syslog
Viewing all 15803 articles
Browse latest View live

Kiwi Syslog Server free ed. not receiving SNMP Traps version 2c

April 13, 2015, 12:24 am
$
0
0

Hello Everybody.

 

I'm having troubles receiving SNMP Traps v 2c on Kiwi Syslog Server Free edition.

Although it is described in the feature list that this is supported (also in the documentation), i can receive version 1 but not 2c.

 

Using Wireshark to listen to the traffic i can clearly see SNMP traps version 2 incoming, but nothing appears on syslog server.

 

Can anyone help?

I asked support@ and sent many mails, but didn't get any answer to the problem, they just said to post my question here because this is a free product.

 

Thank you very much.

Search

Kiwi Syslog not receiving SNMP Traps

September 10, 2015, 6:14 am
$
0
0

Hi all.

 

I have just installed Kiwi Syslog Server 9.5 on a test machine to evaluate its suitability for a project I'm working on. It's currently still running in 14-day Evaluation mode.

 

We can't seem to get it to receive SNMP traps at all. No matter what we do, netstat shows nothing listening on UDP port 162. SNMPv1 traps are being sent to the server, and we can see them in Wireshark arriving at the server, but Kiwi isn't listening for them.

 

In desparation, we tried enabling the Windows SNMP Trap service (although we understand this isn't required?) and this 'absorbed' the traps, but nothing appeared in Kiwi.

 

The test machine is running Windows 7 (32-bit) with the Windows Firewall switched off.

 

Should the 14-day Evaluation be able to receive SNMP traps?

 

Thanks in advance for any advice!

Kiwi Syslog Server - Status Code 500

November 1, 2011, 6:01 am
$
0
0

Hi community. I ve searched about my problem but only found topics related about Orin software. I am getting an exception in Kiwi Syslog Web Access. Status Code 500. Any one have experienced this issue ? Thanks a lot.

Exception of type  'System.Web.HttpUnhandledException' was thrown.

Status Code: 500

System.Web.HttpUnhandledException:  Exception of type 'System.Web.HttpUnhandledException' was thrown. --->  System.ArgumentOutOfRangeException: 'capacity' must be  non-negative.
Parameter name: capacity
at  System.Collections.ArrayList..ctor(Int32 capacity)
at  RadGridUserSettings.GetSerializedSettings()
at _Event.Render(HtmlTextWriter  writer)
at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer,  ControlAdapter adapter)
at System.Web.UI.Control.RenderControl(HtmlTextWriter  writer, ControlAdapter adapter)
at  System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at  Telerik.Web.UI.RadAjaxControl.RenderPageInAjaxMode(HtmlTextWriter writer,  Control page)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter  writer, ICollection children)
at  System.Web.UI.Control.RenderChildren(HtmlTextWriter writer)
at  System.Web.UI.Page.Render(HtmlTextWriter writer)
at  _Event.Render(HtmlTextWriter writer)
at  System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer,  ControlAdapter adapter)
at System.Web.UI.Control.RenderControl(HtmlTextWriter  writer, ControlAdapter adapter)
at  System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at  Telerik.Web.UI.RadAjaxControl.RenderPageInAjaxMode(HtmlTextWriter writer,  Control page)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter  writer, ICollection children)
at  System.Web.UI.Control.RenderChildren(HtmlTextWriter writer)
at  System.Web.UI.Page.Render(HtmlTextWriter writer)
at  _Event.Render(HtmlTextWriter writer)
at  System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer,  ControlAdapter adapter)
at System.Web.UI.Control.RenderControl(HtmlTextWriter  writer, ControlAdapter adapter)
at  System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at  System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,  Boolean includeStagesAfterAsyncPoint)
--- End of inner exception stack trace  ---
at System.Web.UI.Page.HandleError(Exception e)
at  System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint,  Boolean includeStagesAfterAsyncPoint)
at  System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean  includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at  System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
at  System.Web.UI.Page.ProcessRequest(HttpContext context)
at  ASP.events_aspx.ProcessRequest(HttpContext context)
at  System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at  System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&  completedSynchronously)

Resource: http://localhost:8088/Events.aspx
Referrer: http://localhost:8088/Gateway.aspx

Click here to return to the previous  page    Click here to return to the login  page

Problem with filtering in Kiwi Syslog

December 12, 2011, 1:15 pm
$
0
0

I am setting up a kiwi syslog server.  Running into a problem with the filtering not working the way I would expect.  I have used Kiwi but that was several years ago.  I have setup a display for a specific switch and have tried several different filter possibilities but still getting syslog messages on the display that dont belong to the switch I am trying to watch. 

I have tried a ip address - simple filter with the ip address of the switch "10.1.1.2".  On the cisco switch, I have used the command logging source-interface vlan 254 which should send out the syslog messages using the ip address in the simple filter I setup.  I have also tried the hostname option with the hostname of the switch "Switch1" but same problem.

It has got to be something simple but so far I havent found the problem.  Since this is the free version, I know I cant call Solar Winds support.

Any suggestions are appreciated.


Ron

Kiwi - Palo Alto User ID agent

January 30, 2013, 1:33 pm
$
0
0

I have written a perl script to take data from Kiwi, parse out some information and pass it into our Palo Alto UserID agent.  It runs fine when I pass the message in on the command line but when I have kiwi run it (so to pull the data from kiwi) it fails with an error:

 

Error Info: invalid charater on line 1

 

My script looks like this:

 

sub Main() {

  use PAN::API;

  $string = Fields.VarCleanMessageText;

  $SERVER = '127.0.0.1';

 

  #Extract user and IP from string

  if ($string =~ /(\w+)([.+]|(\s))(\w+)(\s|\+|.)(\d+\.\d+\.\d+\.\d+)/) {

       $delim = ($3 eq "+") ? " " : $3;

       $username = "$1\\$2$delim$5";

       $ip_address = $7;

  }

  print "$username : $ip_address \n";

 

  # Create User ID API connection

  $uid=PAN::API::UID->new($SERVER);

 

  #Post data to agent

  $uid->add('login',$name,$address);

  $uid->submit();

 

  return "OK"; #return value for Kiwi

}

 

Thanks for any guidance.

 

Kevin

messages text regex

November 20, 2013, 8:36 am
$
0
0

I'm using kiwi syslog ver 9.3.  I'm getting the following syslog message that I'd like to modify before it displays on my screen. 


Nov 19 16:17:38 opchmon0001 %OrionAlertEngine: .blu-c01-trd-csw02 is Down


All I care about is things after the colon, so essentially just blu-c01-trd-csw02 is Down


I created a regex filter to include ": .*" but this still doesn't work, but it seems like ti should.  Does anyone have an suggestion to get this to work?


Thanks for looking,

Pete



audit sql transaction log

September 4, 2015, 1:17 am
$
0
0

i have ms sql 2008 r2 express. can i use kiwi syslog server for tracking sql transaction log of my database and how? some guide or manual?

thanks

Problem with python script in Kiwi syslog server

May 21, 2016, 2:20 am
$
0
0

Hi,

 

I have a problem with python script, my script works fine when I run it outside Kiwi syslog with test data as you can see it in picture below

 

python_script_ok.jpg

but when i try to run it inside kiwi syslog i get error as you can see in next pictures

 

python_script_error.jpg

this is the script:

python_script_final_final.jpg

 

there is very little info on python script usage in kiwi syslog, maybe I'm doing something wrong. Any help would be appreciated.

 

Thanks in advance.

Search

Limiting Log Retention

January 28, 2009, 6:42 am
$
0
0

Hello.

 

I've installed the free version of Kiwi Syslog (I'm a long-time user of CatTools), and am unable to find a setup preference which tells Kiwi how long to retain syslog messages.  I don't have unlimited drive space, and only want to keep certain messages for a limited period.

 

More specifically, need to keep the NAT translation messages from my firewall, so I can track down inappropriate use by students.  These messages come at a rate of over 20,000/hr.  I only want to keep them for a week.

 

Thanks

SolarWinds.SyslogServer.Engine.log

April 6, 2017, 11:52 am
$
0
0

Hi, I was hoping someone can explain the log files ('SolarWinds.SyslogServer.Engine.log') created in the Syslogd folder to me. What purpose do they serve? Are they safe to delete? Can I set them to be created in a different directory?

 

Thank you.

Kiwi Syslog Service Getting Stopped automatically.

December 9, 2013, 8:08 am
$
0
0

Kiwi syslog service is getting stop and while restarting it, again after few sec it stop. Restarted the server but no luck. Do any one have idea what will be cuase of issue.

kiwi vs orion syslog

August 17, 2009, 10:05 am
$
0
0

What is the differencse between the two? Do i need both running?  Can i have both running on the same box?  Currently i have both installed on the same box.  the orion syslog is running but the kiwi gives error messages like "Unable to open UDP socket on port 514" or "Registered action was found in settings and disabled"

Can't start Kiwi Syslog Service - Logon Failure

September 27, 2011, 7:23 am
$
0
0

After installing the permanent license for Kiwi Syslog server the Syslog service will not start.  It started without problems when running as the trial version.  No errors appear in the Kiwi Syslog error log, but the Windows event viewer shows the following error:

The Kiwi Syslog Server service failed to start due to the following error: The service did not start due to a logon failure.

I can't find anything in the Kiwi Syslog documentation about having to login.  The OS is Windows 2008 R2.  I am starting the Syslog service from Service Manager > Manage, and Service Manager was Run As Administrator.

Is this a known problem?

Thanks, Glenn

log forwarder and dhcp auditing?

October 15, 2011, 10:57 am
$
0
0

I am needing to forward all of our DHCP audits to the syslog, however I cannot figure out how to do that with the Log Forwarder.  Which source do I use in the Event Viewer?  The audit is logged to a file.  Is there any way to forward changes to files?

SYSLOG error with windows server 2012

June 9, 2015, 12:24 am
$
0
0

Hi

 

i am installing syslog in my server room to monitor the log in/log out operations on serers... i installed log forwarder on some windows server 2003 servers and everithig is ok but now i installed it on some windows server 2012 and all the messages that i receive from these servers are like this :''06-08-2015 17:03:47 Kernel.Info 172.19.12.119 giu 08 17.03.47 srv-av.astergenova.it MSWinEventLog   6   Application   127   lun giu 08 17.03.41 2015   1003   Microsoft-Windows-Security-SPP      N/A   Information   srv-av.astergenova.it   0   The description for Event ID 1003 from source Microsoft-Windows-Security-SPP cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.If the event originated on another computer, the display information had to be saved with the event.The following information was included with the event: 55c92734-d682-4d71-983e-d6ec3f16059f. FormatMessage failed with error 15100, The resource loader failed to find MUI file."

do you have idea of how to fix this? syslogger is installed on a xp machine but i also tried to install it on a windows 2012 server machine and nothing changed

Search

Anyone have trouble with EMET not allowing kiwi syslog server to run on Windows 2012 R2?

August 8, 2016, 9:17 am
$
0
0

We are having problems getting EMET to allow the kiwi syslog server service to run on an Windows 2012 R2 Server VM.  We have case 999667 open and still haven't gotten it working.  One of my partners working on this opened the case.

How to delete old records from Kiwi Syslog Web Access?

September 4, 2009, 8:18 am
$
0
0

How to delete records from the Kiwi Syslog Web Access?

Thanks.

How to Split Logs to Multiple Displays in Kiwi Syslog Server

May 31, 2013, 8:56 am
$
0
0

SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple displays in Kiwi Syslog Server.

 


External link to Jing: Multiple Displays - justinfinley's library

 

Video Guide:

  • 0:00 Unfiltered display (Display 00)
  • 0:10 Showing the rule that sends all messages to Display 00
  • 0:20 Changing the unfiltered display from Display 00 to Display 05
  • 0:25 Checking that the switch happened
  • 0:35 Adding a new filter rule looking for the word "logon" and sending it to Display 01
  • 1:20 Adding a new filter rule looking for the word "logoff" and sending it to Display 02
  • 2:05 Checking that the new filters work
  • 2:25 Renaming "Display 05" to "All Messages"
  • 2:45 Renaming "Display 01" to "Logon" and "Display 02" to "Logoff"
  • 3:10 Checking that the display renaming worked

 

Remember to "LIKE" this if you find it useful - that helps other find it too!

How to Split Log Files by IP Address and Date in Kiwi Syslog Server

May 31, 2013, 9:19 am
$
0
0

SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple files by IP address and date in Kiwi Syslog Server.  Specifically, this syslog server tutorial shows how to store logs in separate folders for each source IP address, and then shows how to keep separate log files for each day within those folders.  (e.g., "D:\logs\192.168.000.001\Log2012-07-13.txt")

 

 

External link to Jing: autosplit - justinfinley's library

 

Video Guide:

  • 0:00 Opening Kiwi Syslog's configuration dialog
  • 0:15 Using an "AutoSplit" variable of "IP Address (4 octets)" (%IPAdd4) in the log path to split logs by IP address
  • 0:40 Using an "AutoSplit" variable of "ISO Date" (%DateISO) in the log path to split logs by date

 

Remember to "LIKE" this if you find it useful - that helps other find it too!

Kiwi SysLog Web Access Not Working after Upgradeing WhatsUpGold

May 19, 2014, 2:33 pm
$
0
0


Both applications have been running on the same server for several years. This is a Windows 2008 R2 64 bit machine, running the Army AGM.

 

WuG is now working 16.x

 

One of the things IPSwitch had me try to do, to fix WuG was install SQL Server Express 2008 R2

 

Kiwi Syslog (KSL) is version 9.3.4, the Kiwi Syslog Server Console "Is" working, only Web Access is down.

 

I tried to reinstall KSL, it worked, but somehow then WuG web access went down, I had to repair IIS and .NET

 

WuG uses 443, trying to get KSL to use 8088 (previously used) or 8888

 

When I try to access (even just Browse Web Site from IIS) I get:

 

"Error An unknown error occurred requesting resource /

Click here to log in"

 

When I click the link:

 

"Error An unknown error occurred requesting resource

/Gateway.aspx

 

Click here to log in"

 

At this point it just loops.

 

In IIS, I deleted the original website and created a new one.  Path I used is:

C:\Program Files (x86)\SolarWinds\Kiwi Syslog Web Access\html

Viewing all 15803 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>