I would like to get a verification for the stated tool, is it a freeware tool that I can use with a limitation features or is just 14 days trial version tool?
↧
Kiwi Syslog Server Tool - Free to use or just a trial version for 14 days?
↧
What happens to syslog forwarder when internet down
Hi guys,
I'm just wondering what will happen.Let's say, I forward syslog from my firewall to kiwi syslog server(Syslog Server A), and the syslog server is configured to forward syslog to another syslog server(Syslog Server B) via Internet/Ipsec tunnel. If the internet connection is down for 12 hours, what will happen to the syslogs captured by Syslog Server A during the 12 hours? Will Syslog Server B still get all the 12 hours syslogs when internet connection restored?
Regards,
Muk
↧
↧
Syslog solution (New*) Log Manager for Orion or (old)Kiwi Syslog.
Dear Thwack experts,
Our WAN is spread across 500 sites, connected via 5 Datacenters, Most are VPN connections btw Sites and DC's ,but few still have slow paced connections.
For NPM, We are planning to build our HA solution across DC1 and DC2, and will use APE at DC3,DC4 & Dc5, So that each polling engine can poll the devices at connected remote site.
Now speaking about Syslog monitoring Requirement, We felt Log manager for Orion has lot more feature , But may not fit into our environment.
Discussion points:
-In our case, Device at remote site, need to send syslog message to the centralized solution
1)Kiwi have below solution:
Kiwi Secure Tunnel receives, compresses, and securely transports, syslog messages from distributed network devices to the Kiwi Syslog Daemon.
Does Log manager for Orion can be used here.??
2) Kiwi also store the syslog and trap messages into Microsoft® SQL Server , Apart from Log tagging, how different can Log manager can help to our operations team,, any comparison between KIWI and LM would be more helpful
( please correct me, if I am wrong some where)
↧
Kiwi Web Access Fails Security Scans Due to EOL SQL Server Compact 3.5
The latest version of Kiwi Syslog Server 9.6.5.3 still uses SQL Compact 3.5 SP2 which is an automatic failure on our security scans because of its EOL status. I asked Solarwinds tech support for some guidance (Case #00172414) on replacing SQL Compact 3.5 with version 4 to which they replied, "SQL Compact is part of the UltiDev Web Server and we don't have control over that, which is a third party application we use."
I've tried removing and reinstalling Kiwi with SQL Server Compact 4 pre-installed, but the install wizard wouldn't detect version 4 and insisted on installing 3.5 SP2. I'll try tinkering with the install and checking the vendor who makes the web server but I gotta ask, "Has anyone out there been able to swap out SQL Compact 3.5 SP2 for version 4 or something higher?"
Thanks...
↧
Integration to WhatsUp Gold in iFrame?
Hi all together.
I am running WhatsUp Gold, but WuG's syslog and eventlog management is very weak.
And ipswitch has no good product for this with a webinterface.
As I only have to monitor approx. 20 servers, I don't want to buy a $$$$-solution. Kiwi syslog server would do it fine.
But for a quick overview on a device, I would like to integrate the informations from Kiwi syslog server into WuG.
WuG does allow; it's possible to insert iframes and insert custom html or a link.
(For further informations: look at http://www.plixer.com/products/netflow-sflow/scrutinizer-whatsupgold.php , there is also a pdf which explains this in detail.
It's for scrutinizer, but should work with every webpage).
I now would like to insert (in the device-report of WuG) a link to the webinterface of Kiwi.
To achieve a smooth operation, I will have to include some informations in the link.
I think this will be:
i) the login + password for the Kiwi Web Access
(Kiwi would be installed on the same machine or a machine in the same subnet; Wug and Kiwi won't be accessible from the web, only from the LAN).
ii) the IP or NetBiosName for the device of interest (on the reports-per-device, I only want to see the device-specific messages)
iii) if possible: Also some sort of filter string; for example to show only Messages from Service ABCD (running on the particular machine).
Question A)
Can I access a Kiwi Syslog Server - Webpage directly by a link including this informations?
If yes - how would such a link look like (I have found nothing on the web).
Are there any guides, how-to's, tips, experiences for this integration?
Question B)
Opening severals reports in WuG would fire several accesses to the Kiwi-Pages using the same login+password combo.
Does this cause any problems on Kiwi?
Kind regards to all,
I am running WhatsUp Gold, but WuG's syslog and eventlog management is very weak.
And ipswitch has no good product for this with a webinterface.
As I only have to monitor approx. 20 servers, I don't want to buy a $$$$-solution. Kiwi syslog server would do it fine.
But for a quick overview on a device, I would like to integrate the informations from Kiwi syslog server into WuG.
WuG does allow; it's possible to insert iframes and insert custom html or a link.
(For further informations: look at http://www.plixer.com/products/netflow-sflow/scrutinizer-whatsupgold.php , there is also a pdf which explains this in detail.
It's for scrutinizer, but should work with every webpage).
I now would like to insert (in the device-report of WuG) a link to the webinterface of Kiwi.
To achieve a smooth operation, I will have to include some informations in the link.
I think this will be:
i) the login + password for the Kiwi Web Access
(Kiwi would be installed on the same machine or a machine in the same subnet; Wug and Kiwi won't be accessible from the web, only from the LAN).
ii) the IP or NetBiosName for the device of interest (on the reports-per-device, I only want to see the device-specific messages)
iii) if possible: Also some sort of filter string; for example to show only Messages from Service ABCD (running on the particular machine).
Question A)
Can I access a Kiwi Syslog Server - Webpage directly by a link including this informations?
If yes - how would such a link look like (I have found nothing on the web).
Are there any guides, how-to's, tips, experiences for this integration?
Question B)
Opening severals reports in WuG would fire several accesses to the Kiwi-Pages using the same login+password combo.
Does this cause any problems on Kiwi?
Kind regards to all,
↧
↧
Kiwi Syslog Server Setup Window is Blank
The program was originally setup before I started working here. Recently I was asked to have some data emailed to the IT here, well I opened up the interface, and the Kiwi Syslog Server Setup window is blank, except for the menu items at the top and the buttons at the bottom right.
After some searching around on google, I figured out that the interface was missing a lot of stuff.
Besides the setup interface being blank, the server functions and is performing email tasks that were previously setup.
Any suggestions on resolving this issue?
Kiwi Syslog Server V9.2 licensed, maintenance has expired
Windows 7 Pro 64 Bit
↧
forward Oracle & SQL log Syslog Server
Hi All,
I'm new here and new to Kiwi Syslog and i really need your help.
currently, our information Security officer request us to add our oracle servers and SQL servers logs to Kiwi Syslog server to monitor.
can anyone help/instruct me on how i can implement this !!!
Best Regards,
↧
Mail error: SMTP protocol error. 504 5.7.4 Unrecognized authentication type
I'm having trouble configuring email alerts. I'm trying to send alerts to my Office 365 email address. Can someone see if I've input one of these settings incorrectly? I'm using my full Office 365 email for each of the blacked out sections in the screen shot below. For "SMTP Password," I'm using my Office 365 password.
↧
syslog server service will not stay running
I had this the syslog server on a 2003 box - moved to 2012 R2 and the service will not stay running - anyone have any ideas or have run into this issue?
↧
↧
TCP Syslog Does Not Work in Latest Version
I use kiwi syslog server a lot for testing syslog. It seems like in the latest version there are issues with TCP. I'm verifying with the Kiwi Syslog Message Generator. Seems like with syslog server version 9.4.1 TCP connects and works, but in latest version 9.6.3 it does not connect for some reason. When I try to connect TCP with message generator it says "TCP session remotely disconnected" using the same tool the same exact way, it works with version 9.4.1. I'm using the syslog message generator tool on the same machine as the syslog server. Is this a known issue, or am I missing something? Any suggestions or help would be much appreciated. Thank you very much.
↧
Kiwi Syslog and Ngnix -- How to config
Hello everyone,
I am rather new to Kiwi Syslog and I am trying to figure out how to configure Ngnix so that it can send logs to the Kiwi Syslog server. I believe I may need a patch for Ngnix. However, I am not sure. If anyone has set up logging for Ngnix to Kiwi Syslog and wouldn't mind sharing your process. I would really appreciate the help.
Thanks.
-David Mulligan.
↧
Administrator Password Missed; Other way to login
Hi,
I have recently been handed over Kiwi Syslog server to manage which has both Fat Client and Web Server. Fat Client is directly logged in however Web console could not be logged in. When I checked regarding the password of "Administrator", I have been informed that resource handling it has left long ago and there is no one to tell.
Is there a way we can reset the password of Administrator or create a new user from Syslog Fat Client. I cant raise the request with Support as we do not have active maintanence.
Thanks,
Syed
↧
Additional MIB files support
We have a custom made device that is sending SNMP traps. The vendor has created several MIB files to translate OID values, unfortunately the MIB files cannot be provided to Solarwinds to create a new MIB database file.
Does anyone know if it is possible to add additional MIB files to the MIB database file without Solarwinds assistants?
If the above is not support, can anyone recommend an alternative on how OID values can be translated? Or how OID values and exported from a MIB file?
Many Thanks
Adam
↧
↧
How to create filter in kiwi syslog web access to filter only windows logon events
Dear All,
I want to create filter in syslog server to view the windows logon and logoff (event logs).
Please help me to create the filter.
↧
Syslog server not receiving messages in TCP/SSL mode
Hello,
I have installed kiwi syslog server 9.6.3.3 eval version and trying to configure syslog in TCP SSL mode.
First, these are the steps I following to configure the server:
a) created a self signed certificate using java keytool.
b) imported into windows certificates personal and trusted roots folder.
c) selected the imported certificate in kiwi setup configuration.
After following the above steps , I got below error in Event log file.
2017-11-29 16:40:06 Unable to bind secure TCP listener to port 6514 There might be a problem with the certificate provided.
After googling for this error, I got below link and used IIS server to create a self-signed certificate
Re: Kiwi Syslog Server does not display secure ASA syslogs
After configuring certificate which is generated from IIS, I started getting below error.
2017-11-30 12:37:30 Source: C:\Windows\SysWow64\mswinsck.ocx Error: Socket is non-blocking and the specified operation will block
But , I was able to receive messages in SSL mode using java code running in same box where syslog server is installed. If I try to run same java code from any box other than kiwi server, it is not receiving messages.
Observed similar behavior for TCP mode as well.
How to check syslog server is configured correctly or not? Is there any way to do that?.
Thanks in Advance!!
↧
DBCache folder accumulation (log to database action)
I am consistently getting warnings from SAM that the DB Cache folder the kiwi syslog (\\${IP}\c$\Program Files (x86)\Syslogd\DBCache) contains files. The warning in SAM indicates that the log to database action is falling behind or failing. I do not see anything in the documentation regarding this warning. Does anybody know how this affects the kiwi syslog and how concerned I should be? I would like to add more devices to send syslog information but am concerned kiwi will have more of these files in the DBCache. Currently I am seeing about 47K MPH in Kiwi. Has anybody else seen this message from SAM, or have any suggestions for possible solutions?
Thanks,
Caleb
Kiwi Syslog Server 9.4.2 installed on Windows 2008 R2 Standard, 8 GB ram, 200 GB HD.
Using the log to database action to Microsoft SQL Server 2008 R2, 8 GB ram, 100 GB HD
SAM 6.1.1 Application component File Count: DBCache Folder for Kiwi Syslog Server
↧
Automate SolarWinds Event Log Forwarder?
Hi all,
Is there away to setup an automated install of SolarWinds Event Log Forwarder? I'm planning on deploying it via SCCM and wanted to know if there's a way to automate the install and configuration of the program?
Any help would be grateful!!!
Thanks in advance.
↧
↧
The list of Windows Update that conflicts with Kiwi Syslog Server
Hi,
I use Kiwi Syslog Server on Windows Server 2016.
I got an error on Kiwi Syslog Server due to conflict with Windows Update several times.
1) Performed on April 26, 2017
*Environment
- Windows Server 2016
- Kiwi Syslog Server version 9.5.2
The following patchs were installed by Windows Update successfully.
KB4015217
KB890830
Then KSS is unable to load and presents the following error:
---------------------------
Syslogd
---------------------------
Component 'KiwiSocket.ocx' or one of its dependencies not correctly registered: a file is missing or invalid
---------------------------
2) Performed on May 19, 2017
*Environment
- Windows Server 2016
- Kiwi Syslog Server version 9.6.1
The following patchs were installed by Windows Update successfully.
KB3150513
KB4019472
KB890830
KB4013418
Then KSS is unable to load and presents the following error:
---------------------------
Syslogd
---------------------------
Component 'XceedZip.dll' or one of its dependencies not correctly registered: a file is missing or invalid.
---------------------------
[Resolution]
Both cases, I uninstalled and re-installed Kiwi Syslog Server.
Please refer:
3) Performed on June 21, 2017
*Environment
- Windows Server 2016
- Kiwi Syslog Server version 9.6.1
The following patchs were installed by Windows Update successfully.
(KB3186568)
(KB4023834)
(KB4022715)
(KB890830)
(KB3150513)
Then KSS is unable to load and presents the following error:
---------------------------
Syslogd
---------------------------
Component 'XceedZip.dll' or one of its dependencies not correctly registered: a file is missing or invalid.
---------------------------
[Resolution]
I uninstalled and re-installed Kiwi Syslog Server.
==================================
4) Performed on April 3, 2018
*Environment
- Windows Server 2016
- Kiwi Syslog Server version 9.6.3
The following patchs were installed by Windows Update successfully.
KB4089510
Then KSS is unable to load and presents the following error:
---------------------------
Syslogd
---------------------------
Component 'KiwiSocket.ocx' or one of its dependencies not correctly registered: a file is missing or invalid
---------------------------
[Resolution]
I uninstalled and re-installed Kiwi Syslog Server.
==================================
==================================
5) Performed on June 29, 2018
*Environment
- Windows Server 2016
- Kiwi Syslog Server version 9.6.3
The following patchs were installed by Windows Update successfully.
KB4284833
2018-06 x64 ベース システム用 Windows Server 2016 の累積更新プログラム (KB4284833)
Then KSS is unable to load and presents the following error:
---------------------------
Syslogd
---------------------------
Component 'KiwiSocket.ocx' or one of its dependencies not correctly registered: a file is missing or invalid
---------------------------
[Resolution]
I uninstalled and re-installed Kiwi Syslog Server.
==================================
メッセージ編集者: JTC Osaka After Windows Update(2018-June), KSS can not start again.
↧
Kiwi Syslog Service hanging
1st time starting a discussion.
1st time working with Kiwi Syslog.
Let me know if I'm in the wrong place.
I am very new to Syslog Servers.
I'm a Route/Switch type guy.
We are using Kiwi Syslog to get Call Manager Call Traces for troubleshooting.
This Instance of Kiwi Syslog was working fine as a Guest VMware Server on a Host Server.
We used the app Veeam to move the Kiwi Syslog VMware Guest Server to another Host.
This issue started after the copy/move of the Kiwi Syslog
No IP addresses were changed, it's on the same network as before.
It starts up, logs are being received, and then they stop.
If you try to start the service, it tells you it's already running.
At the bottom of the Kiwi Syslog Service Manager, you can see the MPH indicator has stopped.
Looking at the correct folder I can see the logs are no longer being received.
If I stop the service and start the service it starts.
There is a script that tells it to restart every morning at 4am, and it will do this.
Below is the error event seen when it stopped last time.
Windows Server 2012 R2
64 -bit OS
Has anyone seen this type of issue before?
Any help would be greatly appreciated,
Mhaley
↧
Log Forwarder .net error
We are testing LF and it's working so far on all our 2012 and 2016 servers.
Multiple 2008 servers with .net 1.1, 3.5 sp1, and 4.5.2, produce this error over and over:
Application: LogForwarder.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
at LogForwarder.LogForwarderService.LoadConfigFile()
at LogForwarder.LogForwarderService.InitService()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
As I understood it, 4.5 was an inplace replacement for 4.0. Is this not correct? Or do I have to troubleshoot something else? Running the .net 4 installer says a higher version is installed.
Thanks!
↧