Quantcast
Channel: THWACK: Popular Discussions - Kiwi Syslog
Viewing all 15803 articles
Browse latest View live

Can Kiwi forward SNMP trap forwarding snmp trap and keep the source ip (spoof)

October 23, 2014, 1:45 am
$
0
0

Hi

 

I testing Kiwi as snmp trap server that will forward some Traps to NPM.

I find it hard to forward SNMP trap and keep the source ip.

Is that syslog Only to "sppof" the source?

 

 

 

RouterA->Trap Kiwi->NPM see kiwi

 

23-10-2014 10:40:3410.kiwi IP kiwiserver * SNMPv2-SMI:enterprises.20580.69 enterprises.20580.69.181 = community=DIST, enterprise=1.3.6.1.4.1.2636.1.1.1.2.57, uptime=1722307967, agent_ip=10.10.30.61, generic_num=3, specificTrap_num=0, specificTrap_name=, version=Ver1, generic_name="Link up", ifIndex.1073741824=1073741824, ifAdminStatus.1073741824=testing, ifOperStatus.1073741824=7
snmpTrapOID = SNMPv2-SMI:enterprises.20580.69
sysUpTime = 1 day 1 hour 20 minutes 8,21 seconds
Search

How to open old log files with Syslog Web Access?

August 25, 2015, 11:49 am
$
0
0

I have logs saved to separate files every day.  At the end of the quarter, I will need to look thru the logs to collect statistics for the report.

Is there a way for me to use Syslog Web Access to look thru the old log files and filter out information that I need?

 

I am using Syslog v9.5

LOG FORWARDER 2012 server DOES NOT FORWARD EVENTS

June 29, 2017, 4:06 am
$
0
0

We are using windows Server 2012 Standard version for Windows log forwarder but logs are not coming on Kiwi Syslog Server 9.6

Sys Log Configuation.

October 17, 2016, 9:21 am
$
0
0

Dears,

 

I have some questions here regarding the below:

 

1- log rotation

2- log archiving

3- Clean up.

 

Please advise with a best practice configuration. currently we have a clean up action to delete logs every one week. our requirement to keep three months logs.

 

: we are using AutoSplit option using IP address. so the number of logs is equal the number of hosts. . and if I use log rotation then the information for all logs will be accessible from the console,shall I use archiving as well?

 

what is the best practices configuration?

 

Thanks

Kiwi Syslog advantages over PRTG syslog

September 15, 2016, 1:10 pm
$
0
0

Hi guys, my boss has asked me to consider moving our syslogging services to PRTG syslog. I am very happy with Kiwi Syslog and don't want to migrate.

I want to come up with a  list of reasons why this is not a good idea i.e. what things KiwiSyslog does better.
Can someone who is familiar with both of these packages assist me.

Thanks kindly for any help.

Can I install Kiwi 9.3.4 in Windows Server 2012 R2

February 8, 2017, 1:04 pm
$
0
0

I currently have a Kiwi Syslog (9.3.4) on a Windows Server 2003 R2 (x64) and would like to know the following;

 

1. Can I install the current version (9.3.4) into a newly build Windows Server 2012 R2 machine? Is it compatible with Server 2012 R2?  If yes, can I move the database of the old Kiwi to the newly installed Kiwi Syslog server? If no;

2. Can I install the new version (9.5) into a newly build Windows Server 2012 R2 without buying a new license?

 

Thanks guys.

Kiwi Syslog Server v9.6.0/9.6.1 need ".NET Framework 4.0" ?

June 14, 2017, 10:04 pm
$
0
0

I tried to install v9.6.1 on Windows Server 2008 R2.

I had already installed ".NET Framework 3.5 SP1" on this system.

 

 

When I executed v9.6.1 installer, I got the following message.

----------------------

Kiwi Syslog Server 9.6.1 Installer

Microsoft .Net Framework 4.0 is not installed on this system

[OK]

----------------------

961_installer_.Net Framework 4.0 is not installed.png

 

I can not install v9.6.1.

I got the same message, when I tried to install v9.6.0.

 

SolarWinds discribed the System Requirements as below:

NET Framework: .NET Framework 3.5 SP1

 

http://www.kiwisyslog.com/kiwi-syslog-server

https://support.solarwinds.com/Success_Center/Kiwi_Syslog_Server/Kiwi_Syslog_Server_Installation_Guide/020_System_requirements_for_Kiwi_Syslog_Server

http://www.solarwinds.com/ja/kiwi-syslog-server#requirements

 

2017-0615_KSS_SystemRequirements_2.png

 

 

Question:

Do Kiwi Syslog Server v9.6.0/9.6.1 need  ".NET Framework 4.0" or Higher?

 

 

Best Regards,

syslog is not getting captured for few routers

June 22, 2017, 9:05 am
$
0
0

HI All,

 

we have cisco routers where in many of the device loggs are not being captured in syslog server from last one month.

Earlier everything was working fine. Device level configuration is also fine.

 

pls check and suggest.

Search

Monitor Cisco Firewall and Router "Bad Password" Attempt Failures

March 11, 2013, 10:48 am
$
0
0

I am setting up Cisco Routers and assorted firewall with Kiwi to listen and alert on Bad Passwords with little success.  I have also allowed SNMP.  Has anyone have success with doing this and have any examples of the Cisco devices.  We are using an assorted number of Cisco Routers, Switches, ASA firewalls, and VPN 3000 series gear.

 

logging trap errors

logging source-interface Ethernet0/0

logging 172.16.7.57

snmp-server community readmib RO

snmp-server enable traps snmp

snmp-server enable traps syslog

snmp-server host 172.16.7.57 traps writemib

!

SolarWinds.SyslogServer.Engine.log

April 6, 2017, 11:52 am
$
0
0

Hi, I was hoping someone can explain the log files ('SolarWinds.SyslogServer.Engine.log') created in the Syslogd folder to me. What purpose do they serve? Are they safe to delete? Can I set them to be created in a different directory?

 

Thank you.

how to configure kiwi 9.4 syslog server for mikrotik in windows 7

July 1, 2017, 11:21 am
$
0
0

Dear All,

 

I try to configure kiwi 9.4 syslog server for mikrotik but failed. Would you please help to provide a step by step configuration method?

Can't start Kiwi Syslog Service - Logon Failure

September 27, 2011, 7:23 am
$
0
0

After installing the permanent license for Kiwi Syslog server the Syslog service will not start.  It started without problems when running as the trial version.  No errors appear in the Kiwi Syslog error log, but the Windows event viewer shows the following error:

The Kiwi Syslog Server service failed to start due to the following error: The service did not start due to a logon failure.

I can't find anything in the Kiwi Syslog documentation about having to login.  The OS is Windows 2008 R2.  I am starting the Syslog service from Service Manager > Manage, and Service Manager was Run As Administrator.

Is this a known problem?

Thanks, Glenn

SNMP forwarding

July 5, 2010, 5:55 am
$
0
0

All

I have setup my KIWI syslog server to listen for SNMP traps, successfully.  Is there a way to setp KIWI, or an available action to forward the SNMP traps to other SNMP trap receivers as KIWI receives them.

Thanks

KIWI New Guy

Kiwi Syslog WebAccess Installation Error (error code is 2869)

October 27, 2010, 8:29 pm
$
0
0

*Kiwi Syslog Server V.9.1.0
*Windows 2008 SP1 and SP2 64bit

Our client encountered a Kiwi Syslog WebAccess installation error.

The error message is as follows:
=============================================
The installer has encountered an unexpected error
installing this package. This may indicate a problem
with this package.The error code is 2869.
=============================================
*Kiwi Syslog Server service runs correctly.

*The client stopped Anti-Virus service before the installation.

 

Are there some information to resolve the problem?

How to Split Logs to Multiple Displays in Kiwi Syslog Server

May 31, 2013, 8:56 am
$
0
0

SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple displays in Kiwi Syslog Server.

 


External link to Jing: Multiple Displays - justinfinley's library

 

Video Guide:

  • 0:00 Unfiltered display (Display 00)
  • 0:10 Showing the rule that sends all messages to Display 00
  • 0:20 Changing the unfiltered display from Display 00 to Display 05
  • 0:25 Checking that the switch happened
  • 0:35 Adding a new filter rule looking for the word "logon" and sending it to Display 01
  • 1:20 Adding a new filter rule looking for the word "logoff" and sending it to Display 02
  • 2:05 Checking that the new filters work
  • 2:25 Renaming "Display 05" to "All Messages"
  • 2:45 Renaming "Display 01" to "Logon" and "Display 02" to "Logoff"
  • 3:10 Checking that the display renaming worked

 

Remember to "LIKE" this if you find it useful - that helps other find it too!

Search

How to Split Log Files by IP Address and Date in Kiwi Syslog Server

May 31, 2013, 9:19 am
$
0
0

SolarWinds's own Justin Finley just recorded a video tutorial that shows how to split logs into multiple files by IP address and date in Kiwi Syslog Server.  Specifically, this syslog server tutorial shows how to store logs in separate folders for each source IP address, and then shows how to keep separate log files for each day within those folders.  (e.g., "D:\logs\192.168.000.001\Log2012-07-13.txt")

 

 

External link to Jing: autosplit - justinfinley's library

 

Video Guide:

  • 0:00 Opening Kiwi Syslog's configuration dialog
  • 0:15 Using an "AutoSplit" variable of "IP Address (4 octets)" (%IPAdd4) in the log path to split logs by IP address
  • 0:40 Using an "AutoSplit" variable of "ISO Date" (%DateISO) in the log path to split logs by date

 

Remember to "LIKE" this if you find it useful - that helps other find it too!

LOG FORWARDER 2012 server DOES NOT FORWARD EVENTS

June 29, 2017, 4:06 am
$
0
0

We are using windows Server 2012 Standard version for Windows log forwarder but logs are not coming on Kiwi Syslog Server 9.6

How to load-balance Kiwi Syslog servers

December 23, 2013, 12:31 pm
$
0
0

I've got a set of 3 Kiwi servers sitting behind an F5, which I *thought* would effectively load balance the incoming syslog volume (I'm seeing around 5-8million messages per hour, and we haven't really turned everything on yet).

 

The problem, I just discovered, is that F5 load balances based on connections, not messages/packets. So round robin isn't round robin since most of my sending systems are passing new messages (and therefore creating a connection) more than even the lowest "disconnect after" option on the F5 (which is 1 second).

 

So my first server is maxing out at about 5million MPH and 0% buffer, while server 02 gets 2million messages and 80% buffer, and server 03 gets barely anything at all.

 

Has anyone else tried this, and have you found a work around (it doesn't have to be an F5. I just need the ability to create a pool of Kiwi servers and have all the systems in my enterprise sending to ONE ip address.

 

Thanks!

- Leon

Receive / Filter SNMP traps and forward only traps of interest

February 20, 2015, 7:21 pm
$
0
0

Just installed the licensed version based on the SNMP component to do some filtering/forwarding as a temporary work around.

From the product description it looked like this should be possible.

I've searched around the product doco, KB and THWACK but I couldn't find anything specific to receive and forward on specific traps, not all. Is this possible?

There was a similar question part of another thread which went unanswered Re: SNMP forwarding


I do have NPM and know it's possible there, however the amount of SNMP traps being sent is causing performance degradation on the <other vendors> alarming collector so it was intended to use a Solarwinds/Kiwi tool for the SNMP Trap filtering to help the other servers workload.

An NPM license to do just SNMP trap filtering is a bit of an overkill for a temporary solution whilst the customer modifies all their device configs over the next couple of months.

 

Thanks

Kiwi Syslog not capturing syslogs

May 14, 2013, 1:40 pm
$
0
0

Installed Kiwi Syslog Free version 9.3.4 on Windows Server 2008 R2.  Trying to capture syslog from a Cisco ASA 5510.  I have confirmed that the syslog events are hitting the server with Wireshark.  Nothing is coming through to Kiwi Syslog.  Current settings are all default.  No filters in place.  Not sure what is wrong as I can see the syslog messages coming through Wireshark. Any ideas as to why the syslog messages are not being seen by Kiwi?

Viewing all 15803 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>