How do you detect specific clients that have not sent syslog messages to the server in a specified amount of time?
↧
How to detect clients that stop sending Syslog messages to the server
↧
Doc, KB and Getting Started
↧
↧
How to load-balance Kiwi Syslog servers
I've got a set of 3 Kiwi servers sitting behind an F5, which I *thought* would effectively load balance the incoming syslog volume (I'm seeing around 5-8million messages per hour, and we haven't really turned everything on yet).
The problem, I just discovered, is that F5 load balances based on connections, not messages/packets. So round robin isn't round robin since most of my sending systems are passing new messages (and therefore creating a connection) more than even the lowest "disconnect after" option on the F5 (which is 1 second).
So my first server is maxing out at about 5million MPH and 0% buffer, while server 02 gets 2million messages and 80% buffer, and server 03 gets barely anything at all.
Has anyone else tried this, and have you found a work around (it doesn't have to be an F5. I just need the ability to create a pool of Kiwi servers and have all the systems in my enterprise sending to ONE ip address.
Thanks!
- Leon
↧
Kiwi Syslog and Sonicwall Viewpoint log format are compatible?
There is some function on kiwi that I lost if I use sonicwall standard log format?
↧
SolarWinds Log Forwarder for Windows
Hi,
I am evaluation kiki syslog server(9.4),
I got this problem with the SolarWinds Log Forwarder for Windows.
somehow when this is install in a different subnet the windows event is not forward to the syslog server.
there is no firewall in between the 2 servers.
Is this the limitation or bugs.
Tommy
↧
↧
Kiwi Syslog Web Access
Hi, I am new to Kiwi Syslog and I keep coming up with the attached error when installing the web access component.
I have upgraded Syslog Server to 9.4.1 and can't seem to get this going. I don't know if it was ever working to begin with.
When I try and go to http://localhost:8088 I get an error that "The resource cannot be found".
Is there any pre requisites that need to be pre installed on the server for web access to run? We have it running on Windows Server 2008 R2 Ent. SP1
↧
Requesting assistance on Syslog application
Hi Everyone,
I’m Sunil working for Hewlett Packard India.
Currently, I’m facing an issue with a Kiwi Syslog application v.9x which is licensed and installed on a production environment for network monitoring. The application has failed to initialize and will not start.
I’m sharing the screenshot of the error messages, and requesting someone to please guide me in resolving the problem. As I’m not the expert in the application seeking guidance from the community.
Assistance on the following issue will be helpful and greatly appreciated.
Thank you.
Regards,
Sunil PN
↧
Kiwi Syslog 9.4 Release Candidate is Now Available!
The engineering effort on Kiwi Syslog Server (KSS) v9.4 Release Candidate has been completed. RC is the last step before general availability and is a chance for existing customers to get the newest functionality before it is available to everyone else.
You will find the latest version on your customer portal in the Release Candidate section.
Here is the content of this RC version:
- Moving to a new web server
This change brings a lot of new functionality "for free". Examples:- SSL (https) support for Web Access
- Process health monitoring
- TCP port sharing
- And much more! (See UltiDev Web Server Pro pages for details.)
- Active Directory authentication for web access
- Alerting for Message Queue Monitor
Be notified when the number of messages in the message queue crosses certain threshold. This indicates there might be performance problems and gives you chance to take an action before messages get dropped. - Bug Fixes / resolved cases:
AD support for Kiwi web access | |
3 questions regarding Kiwi Syslog Web Access | |
AD support for Kiwi web access | |
Kiwi Syslog accounts - AD tie in? | |
active directory authentication | |
AD/LDAP Support for Web Console | |
Kiwi Syslog Web User authentication via AD/LDAP | |
Broken Support link | |
Utra Dev Cassini Web Server Service | |
After web access installation, Cassini Web service stops | |
Feature Request - Support Newer UltiDev Cassini Server | |
WebAdmin: HTTPS for Web Front End | |
SSL for Web Access | |
https for Kiwi web interface | |
Alerting for Message Que Monitor | |
Availability of Buffer statistics for alerting and reporting | |
Milliseconds in Syslog in Descending Order! | |
Feature Request - Email Summarization | |
Database maintenance settings in Kiwi Syslog Webaccess doesn´t work | |
Reducing number of syslogs on web access | |
Question | |
Radio button missing text on Archive Schedule Destination tab | |
Wrong version displayed when cancelling licensing | |
sounds not playing on alert | |
"play a sound once" does not work | |
Service crash after ORACLE ODBC configuration | |
Status on 9.3.4 | |
Problem Creating Table for Oracle 11g Release 11.2.0.3.0 | |
Ability to see full list of devices |
RC builds are made available to existing customers prior to the formal release. These are used to get customer feedback in production environments and are fully supported.
↧
Cannot upgrade Syslog from Free to Trial Mode
I just installed Syslog 9.4 trial, and found there was no easy way to search the logs. Noticing this is more of the Web Access duties, I signed up for the trial. I received the new installer, and reinstalled Syslog Eval, bit Syslog continues to come up as Free, and it will not send to the Web Access. When I select the Rule, it says it's not only available in the licensed version.
I tried installing over the existing, uninstalling the free version, deleting the syslogd directory... nothing works.
I got burned with Splunk, and do not want to buy this until I confirm it's going to work for me. Any ideas?
↧
↧
Kiwi Syslog and Sonicwall Viewpoint log format are compatible?
There is some function on kiwi that I lost if I use sonicwall standard log format?
↧
Alert Message - Add Host
Kiwi Syslog Version 9.4.
I am pretty new here. Just setting up one Syslog Server for one of our branch router. I keep receiving the following message. Once per five minutes in average.
klogd: @ = Add Host : [MAC Address] VID 9 LinkID 1 PortNumber 6
Obviously, I haven't added any new host and I don't have any Port Number 6 in the device that I log. The device only contains 1 WAN port and 4 LAN port. That's it!
Would you please let me know what this alert message means? Thanks!
↧
Kiwi Syslog not displaying Cisco ASA 5505 syslogs
I have a Cisco ASA 5505 that is setup to send syslogs to a remote syslog server.
I have kiwi syslog (free) installed on a Windows 2003 R2 Server and it is listening on UDP port 514. The syslog server also is my Ciscoworks v3.2 server.
I can ONLY see the Ciscoworks log files and not the ASA. I only want to display the ASA log files.
I have googled, read the user guide, and search the forum and cannot find any procedure that I can tweak Kiwi to log the syslog files from my ASA which is being used as a VPN concentrator.
Any ideas?
↧
Need Help Troubleshooting - Not Receiving/Displaying Messages
Server 2008 R2 Std
Kiwi Syslog Server 9.4.1
I have an older version of Kiwi installed on an old server that is being retired. I've installed it on the new server, but I cannot get it to display anything. I exported settings from the other server and imported on this one, then went to Inputs-UDP and set the correct IP to bind it to.
- I've gone through ALL the steps at SolarWinds Knowledge Base :: Kiwi Syslog Daemon is not receiving messages and Kiwi Syslog Server but had no luck getting it to work.
- I know for a fact that messages are being received -- when I run WireShark with the filter, "udp port 514", I see PLENTY of traffic from my firewall. Both my firewall and VPN device are sending syslog messages to the old server and the new one. The old server is still working just fine.
- Windows Firewall on the new server is completely disabled.
- I loaded the default rules and settings but still had no luck.
- I disabled all DNS resolution - no luck.
- There is no Errorlog.txt in C:\Program Files (x86)\Syslogd.
- Test messages from within Kiwi work just fine.
- I finally uninstalled Kiwi, rebooted the server, then reinstalled, and have the same problem.
Kiwi is running as LocalService -- I wondered if that might be the problem, but that's how it's running on the old server as well.
I'm at a loss as to what to do now. I tried contacting support, but since I'm using the free version I was directed here.
↧
↧
Kiwi Syslog not capturing syslogs
Installed Kiwi Syslog Free version 9.3.4 on Windows Server 2008 R2. Trying to capture syslog from a Cisco ASA 5510. I have confirmed that the syslog events are hitting the server with Wireshark. Nothing is coming through to Kiwi Syslog. Current settings are all default. No filters in place. Not sure what is wrong as I can see the syslog messages coming through Wireshark. Any ideas as to why the syslog messages are not being seen by Kiwi?
↧
Log Forwarder for Windows (available to all Kiwi customers on maint)
What it does:
Log Forwarder for Windows allows you to forward Windows events as Syslog to your Kiwi Syslog Server
- Works on Windows XP, 2003, Vista, and 2008 (32-bit or 64-bit)
- Provides .MSI version for silent installs, allowing use with remote software distribution systems (e.g., Microsoft SMS)
- Enables definition of filters that describe which events are forwarded
How to get it:
If you download the Kiwi Syslog Server 9.0 from your customer portal, you will see there is an additional Log Forwarder executable included with your download. The Log Forwarder for Windows was developed by the Kiwi Syslog team. It is available at no cost to Kiwi Syslog customers current on maintenance.
Try it out and let us know what you think!
↧
Requesting assistance on Syslog application
Hi Everyone,
I’m Sunil working for Hewlett Packard India.
Currently, I’m facing an issue with a Kiwi Syslog application v.9x which is licensed and installed on a production environment for network monitoring. The application has failed to initialize and will not start.
I’m sharing the screenshot of the error messages, and requesting someone to please guide me in resolving the problem. As I’m not the expert in the application seeking guidance from the community.
Assistance on the following issue will be helpful and greatly appreciated.
Thank you.
Regards,
Sunil PN
↧
How to load-balance Kiwi Syslog servers
I've got a set of 3 Kiwi servers sitting behind an F5, which I *thought* would effectively load balance the incoming syslog volume (I'm seeing around 5-8million messages per hour, and we haven't really turned everything on yet).
The problem, I just discovered, is that F5 load balances based on connections, not messages/packets. So round robin isn't round robin since most of my sending systems are passing new messages (and therefore creating a connection) more than even the lowest "disconnect after" option on the F5 (which is 1 second).
So my first server is maxing out at about 5million MPH and 0% buffer, while server 02 gets 2million messages and 80% buffer, and server 03 gets barely anything at all.
Has anyone else tried this, and have you found a work around (it doesn't have to be an F5. I just need the ability to create a pool of Kiwi servers and have all the systems in my enterprise sending to ONE ip address.
Thanks!
- Leon
↧
↧
SolarWinds Log Forwarder for Windows
Hi,
I am evaluation kiki syslog server(9.4),
I got this problem with the SolarWinds Log Forwarder for Windows.
somehow when this is install in a different subnet the windows event is not forward to the syslog server.
there is no firewall in between the 2 servers.
Is this the limitation or bugs.
Tommy
↧
Problems w/ Kiwi Syslog
I am trying to get Kiwi Syslog Server functioning but have been banging my head all day. I am testing it in a very basic lab environment. Its a Verizon Fios wireless router (with buil-in switch). I have an esxi host plugged into the Verizon router. I have a WIndows 2012 VM running with Kiwi installed. I am soimply looking to catch syslog messaged from the Fios router. I have configured the Fios router to send the messages to the IP of my syslog server. The Kiwi service is definitely started but I receive no messages. I downloaded the message generator and installed it directly on the syslog server. I generate a test message UDP port 514 to loopback address 127.0.0.1. It says the message was sent ok but it never displays in the kiwi console.
All settings are default. I also tried binding the IP of the NIC to the UDP config under Setup>Inputs. I am new to Server 2012 so maybe I am missing something., Oh I also made sure the Windows Firewall is OFF.
Any help you can provide will be much appreciated
Warm Regards,
Ed
↧
Kiwi Syslog Service Getting Stopped automatically.
Kiwi syslog service is getting stop and while restarting it, again after few sec it stop. Restarted the server but no luck. Do any one have idea what will be cuase of issue.
↧