Hello,
Could you please tell me how to transfer all DHCP events (from a standard Windows 2012 DHCP server) to syslog ?
Thanks in advance for your help
↧
Collect DHCP events from Windows DHCP server
↧
Kiwi Syslog - Read text file/csv
Hi all,
Is there a way that I am able to have Kiwi Syslog read from or import from a text file or CSV file that may be generated by a program that does not support Syslog?
Thanks.
↧
↧
Sending events from Cisco 3750 switch
Hello,
I am trying to send events from a Cisco 3750 switch to our Kiwi syslog server but am unsure of the config for the switch.
Should the following work:
Switch (config) # logging on
Switch (config) # logging Syslog Server IP
Switch (config) # logging trap error
This command will send (Error 3) events (0-3) to the Kiwi server via UDP514. Is this the supported method of transfer?
Should this work or is there a "Supported" switch configuration that I should be using.
Thank you,
Chris
↧
SolarWinds.SyslogServer.Engine.log
Hi, I was hoping someone can explain the log files ('SolarWinds.SyslogServer.Engine.log') created in the Syslogd folder to me. What purpose do they serve? Are they safe to delete? Can I set them to be created in a different directory?
Thank you.
↧
Kiwi Syslog not displaying Cisco ASA 5505 syslogs
I have a Cisco ASA 5505 that is setup to send syslogs to a remote syslog server.
I have kiwi syslog (free) installed on a Windows 2003 R2 Server and it is listening on UDP port 514. The syslog server also is my Ciscoworks v3.2 server.
I can ONLY see the Ciscoworks log files and not the ASA. I only want to display the ASA log files.
I have googled, read the user guide, and search the forum and cannot find any procedure that I can tweak Kiwi to log the syslog files from my ASA which is being used as a VPN concentrator.
Any ideas?
↧
↧
Procurve switches not sending syslog messages in KIWI syslog
Hi all,
New here, searched for discussions but found no entry on procurve switch(es).
The Procurve switches will not send any syslog messages (wiresharked the server)
Turned on logging on the switch: logging 'ip-address'
show debug
Debug Logging
Source IP Selection: Outgoing Interface
Destination:
Logging --
'ip-address' Kiwi Syslog server
Protocol = UDP
Port = 514
Facility = user
Severity = info
System Module = all-pass
Priority Desc =
tried facility 'syslog' still nothing.
Only the Procurve switches will not send any syslog messages.
Other devices such as Cisco ASA's work fine.
Anyone ideas to solve this?
TIA Jaap
↧
How to load-balance Kiwi Syslog servers
I've got a set of 3 Kiwi servers sitting behind an F5, which I *thought* would effectively load balance the incoming syslog volume (I'm seeing around 5-8million messages per hour, and we haven't really turned everything on yet).
The problem, I just discovered, is that F5 load balances based on connections, not messages/packets. So round robin isn't round robin since most of my sending systems are passing new messages (and therefore creating a connection) more than even the lowest "disconnect after" option on the F5 (which is 1 second).
So my first server is maxing out at about 5million MPH and 0% buffer, while server 02 gets 2million messages and 80% buffer, and server 03 gets barely anything at all.
Has anyone else tried this, and have you found a work around (it doesn't have to be an F5. I just need the ability to create a pool of Kiwi servers and have all the systems in my enterprise sending to ONE ip address.
Thanks!
- Leon
↧
Kiwi Syslog Server free ed. not receiving SNMP Traps version 2c
Hello Everybody.
I'm having troubles receiving SNMP Traps v 2c on Kiwi Syslog Server Free edition.
Although it is described in the feature list that this is supported (also in the documentation), i can receive version 1 but not 2c.
Using Wireshark to listen to the traffic i can clearly see SNMP traps version 2 incoming, but nothing appears on syslog server.
Can anyone help?
I asked support@ and sent many mails, but didn't get any answer to the problem, they just said to post my question here because this is a free product.
Thank you very much.
↧
Log Forwarder - service won't start - Error 15007
I am getting error 15007, info about this error is in my language (czech), but here it is:
25.4.2017 8:42:52 - Unable to setup Windows Event Log subscribers. Subscribe failed with error 15007, Zadan? kan?l nebyl nalezen. Zkontrolujte konfiguraci kan?lu.
25.4.2017 8:42:52 - Server Initialization Failed. See previous event messages for reason.
25.4.2017 8:42:52 - SolarWinds Event Log Forwarder for Windows; Service Stopped.
↧
↧
LOG FORWARDER 2012 server DOES NOT FORWARD EVENTS
We are using windows Server 2012 Standard version for Windows log forwarder but logs are not coming on Kiwi Syslog Server 9.6
↧
Collect DHCP events from Windows DHCP server
Hello,
Could you please tell me how to transfer all DHCP events (from a standard Windows 2012 DHCP server) to syslog ?
Thanks in advance for your help
↧
filter out or delete log entries
I have rather odd question. We are looking to actually remove some types of logging entries before they come in not just filter them on the display. We use Kiwi Syslog to feed a custom Network Management Platform we have. We have a pearl script pulling in the log file entries from Kiwi Sylog every 5 min and populating a MySQL database. Right now we parse messages in the database, but I'd like to have a way of deleting them in the Kiwi Syslog files before the database pulls them in
↧
How to delete old records from Kiwi Syslog Web Access?
How to delete records from the Kiwi Syslog Web Access?
Thanks.
↧
↧
no log shows on Kiwi Syslog Web Access
I am having kiwi syslog 9.5 installed.
I choose to install as service and also installed the web access.
The syslog console opened fine and I see logs on displayed and also to file.
However, with the web access, it shows nothing (what so ever). I checked the Setup on Console Manager and see that under Rules i have 2 exact same option for "Log to Syslog Web Access". Everything under that options checked.
But I still see no log on web access.
1) I tried to uncheck all the "Log to Syslog Web Access".
2) Closed the Console Manager and reopened it
3) Checked mark one of the 2 optioins "Log to Syslog Web Access" and everything below it.
4) Opened and log in to web access -> Still see nothing.
any idea?
↧
Syslog stops logging with no notification
I discovered this morning (only because I didn't receive the nightly report) that two of our Syslog servers stopped logging yesterday afternoon. The nightly archiving and cleanup jobs did not run. The service did not crash. The drive has 63 GB of free space. There are no entries under the Application or System logs in Windows. Under the Errorlog I see this for all of the reporting nodes ("ip.address.#" is placeholder for the actual values in the logs):
2015-05-28 15:38:59 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:38:59 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:38:59 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address1.txt
2015-05-28 15:39:00 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:00 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:00 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.1..txt
2015-05-28 15:39:02 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:02 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:02 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.2.txt
2015-05-28 15:39:03 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:03 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:03 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\ESX\ip.address.3.txt
2015-05-28 15:39:03 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:03 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:03 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.1.txt
2015-05-28 15:39:06 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:06 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:06 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.1.txt
2015-05-28 15:39:07 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:07 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:07 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\ESX\ip.address.4.txt
2015-05-28 15:39:08 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:08 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:08 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.1.txt
2015-05-28 15:39:11 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:11 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:11 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.1.txt
2015-05-28 15:39:16 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:16 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\Firewalls\ip.address.1.txt
2015-05-28 15:39:16 Log to file action - Error: Win32File Object [45600] Unknown error.
2015-05-28 15:39:16 Log to file action - Error: FlushCacheLines <Encoding_Failed> - File: E:\Syslogs\ESX\ip.address.5.txt
The log stops there. When I restart the service I see these additional entries in the Error log:
2015-05-29 07:17:16 Unable to open InterApp listening socket on TCP port 3300
2015-05-29 07:17:16 Unable to open UDP socket on port 514
2015-05-29 07:19:08 Service running, but Service/Manager comm link is not connecting.
2015-05-29 07:19:28 Unable to connect to Service socket on TCP port 3300
2015-05-29 07:19:38 Service running, but Service/Manager comm link is not connecting.
Any ideas?
↧
Can I install Kiwi 9.3.4 in Windows Server 2012 R2
I currently have a Kiwi Syslog (9.3.4) on a Windows Server 2003 R2 (x64) and would like to know the following;
1. Can I install the current version (9.3.4) into a newly build Windows Server 2012 R2 machine? Is it compatible with Server 2012 R2? If yes, can I move the database of the old Kiwi to the newly installed Kiwi Syslog server? If no;
2. Can I install the new version (9.5) into a newly build Windows Server 2012 R2 without buying a new license?
Thanks guys.
↧
Deploying Kiwi Syslog server to NPM Environment
Hello All,
I am planning to Deploy a Kiwi Syslog server to my NPM Environment.
We are planning to enable snmp traps and syslog messages to be sent from other tools to SolarWinds NPM hoping to have one alert dashboard focused on SolarWinds NPM.
I don't want to flood the polling engine and peg the processing power dealing will all the additional noise.
Instead the Kiwi Syslog server will process the items and forward the actionable items to the SolarWinds Server to be alerted and ticketed.
Any thoughts, concerns , or tips are appreciated.
Thank you,
Raymond
↧
↧
Public view
Hello,
I am having some difficulties opening KIWI Syslog webpage as a 'read only' public user. We have TV monitors in the IT department and we would like to dedicate one to show errors on the Syslog page with a refresher. I have marked the filters as public and tried the direct link option, but it takes me to the login screen. What am I doing wrong?
regards
↧
Unable to add new custom device to drop down list
Hi Evertone,
i created a New device for the HP EI 5130 based on H3c switch using a script.
Also did the same with the .ini file.
All is created using the official manual from SW.
the problem I’m facing now is, after I’m copying both files into the corresponding folders
I do not see the new device in the drop list.
I have tried to close the program or even restart the service, bu nothing helped.
Thanks on advance.
↧
How to encrypt syslog from cisco switch or router into Kiwi syslog?
I want to encrypt syslog from Cisco swirtch or router into Kiwi Syslog.
I read somewhere I can use syslog tls or snmp trap v3
Is that possible using Kiwi Syslog
thanks
↧