Skip navigation
1 2 Previous Next

Geek Speak

30 Posts authored by: jonathan at solarwinds

If you're like this guy and you fear that sensitive data is walking out of your network on USB thumb drives,

 


you will be happy to know that SolarWinds' software portfolio includes an alternative to thumb drives.

 

Lock Down Those USBs

SolarWinds provides a technology called "USB Defender" within its Log and Event Manager software. USB Defender protects sensitive data using real-time notification and other security features when USB devices are detected, including

  • Automatically disabling user accounts
  • Imposing quarantines on work stations
  • Automatically or manually ejecting USB devices

The USB defender also audits and reports on USB usage over time.

 

An Alternative to Thumb Drives

Regardless of whether your organziation allows USB drives, people might still have business protocols that require them to exchange large files. One alternative to using USB thumb drives is to provide employees with universal access to their home folders and/or selected folders on existing file shares. By giving them secure access to the same files they use both inside and outside the office, you reduce the incentive to make copies on removable media or use 3rd-party web sites.

 

A second alternative is to provide employees with secure "ad hoc" file sharing. This allows your end users to safely send files and request files from their daily business contacts, again without using 3rd-party web sites.

Fortunately, SolarWinds offers both capabilities in the same product: Serv-U Managed File Transfer (MFT) Server.  When you deploy Serv-U in your data center, you can reuse the same security policy, procedures, people, and infrastructure that protects the rest of your data. This will enable you to finally retire those pesky USB thumb drives.

 

Do You Have Other Security Challenges?

Be sure to check out SolarWinds' new Security site, or leave your thoughts and comments below.

If you hate user provisioning and deprovisioning and resetting passwords as much as this guy,

 

 

you will be happy to know that SolarWinds has identified five tried-and-true methods you can use to cut your daily FTP Server user administration chores down to almost nothing.

 

1. Authenticate Company Employees Through Active Directory

You already have all your internal end users configured in Active Directory (AD).  If you have an FTP server like SolarWinds' Serv-U MFT Server that can authenticate users, pull email addresses, and hook directly into end user's existing home folders, go ahead and hook it up to AD. This allows existing employees to immediately authenticate to your FTP server. It also means that employee access is revoked as soon as a user is turned off in AD. Of course, this leaves your external partners and "service" or "automation" users out, but there are additional steps we can take to reduce administrative hassle there too.

2. Authenticate External Partners Through a DB Connection

Serv-U and some other FTP servers can use database entries to authenticate end users not found in AD. This allows you to affix your FTP server to existing Web portal or customer service applications, so external partners only need to remember a single set of credentials to authenticate to your web properties.

 

3. Allow End Users to Change Their Own Passwords

Most modern Web applications allow end users to change their own passwords, and FTP servers should be no exception. FTP servers that also feature a web transfer interface usually have a link or button that allows end users to change their own passwords, and many also allow advanced end users to change passwords via FTP commands.

 

4. Send Password Expiration Notifications via Email

Security best practices typically state that all accounts that only use passwords for credentials (as opposed to a client key or client certificate) should change their password periodically. Turning on user password expiration is easy in any modern FTP server, but a good way to avoid extra help desk tickets is to proactively notify end users of required password changes BEFORE they get locked out.

 

5. Allow End Users to Trigger Their Own Password Reminders

Finally, you can use built-in password reminders on the web interface of your FTP server to avoid the most common of help desk issues: "I forgot my password."

 

Do You Have Other Security Challenges?

Be sure to check out SolarWinds' new Security site, or leave your thoughts and comments below.

While reading a recent blog post on SlashDot, my mind was opened by some touching SysAdmin poetry.  While not a lethal as Vogon verse, I promise it will alter your mood.


mystery-science-theater-3000-the-beatniks.jpg

 

FTFY by Neo-Rio-101

 

I don't want my data in the cloud

I don't want my data in a crowd

I don't want my data on the net

I don't want my data on diskette

I don't want my data over there

I don't want my data everywhere

I know the spooks don't give a damn

I do not trust you Uncle Sam!

 

 

 

 

 

 

Farts In Their General Direction by MrMeval


I do not play with the cloud clowns.
I own my own hardware and software.
I do not walk in the valley of DRM.
I do not beg to receive the fruits of my labors from datachangers.
I shall not want.

 

(untitled) by TheGratefulNet

 

Do you like data in the cloud?

I do not want it in the cloud,

I would not like it since I'm proud.

Would you like it here or there?

I would not want it anywhere.

I do not like the loss of data,

Yes, you can call me a cloud-hater.

 

 

 

Enough with the Cloud Crap Already by (unknown)

 

I don't trust you with my data.
I don't trust your security.
I don't trust your longevity.
I don't trust that you at some point in the future won't hold my data hostage.
I don't trust you to keep my data away from big brother.

I also don't trust my ISP!

FINALLY, I don't want to wait all day for a file to load.

 

Open Mic Monday

 

Have you been inspired too?

 

If you're looking for software that allows you to deploy a controlled edition of popular cloud functionality like secure file sharing, you may want to check out applications like SolarWinds Serv-U that can be deployed on your own infrastructure.  Or, if you wrote your own ode to the cloud, lay it on us in the comments below.

Now that SolarWinds has released its own ad hoc file sharing solution, where does it fit in an increasingly crowded market?

 

What Exactly IS File Sharing?

 

When we're talking about file sharing, we're talking about the ability for individual end users to send files to other people: literally to ANYONE with an email address, at ANY TIME they feel like it.

 

Ad Hoc File Sharing Diagram

We're also talking about the ability for end users to REQUEST that other people send them files.  In both cases, an email with a link to files or a link to a site where someone else can upload files is essential.

 

To Cloud Or Not to Cloud?

 

The first thing you'll note about SolarWinds' file sharing offering is that you don't "sign up" for it - instead you buy a copy of Serv-U MFT Server, install it in your datacenter, plug it into your Active Directory, and roll it out to your end users.  You are certainly welcome to try our file sharing offering online, but you deploy it in your own infrastructure - under your complete control.

 

Saving Serious Money

 

OK, so there are dozens of online file sharing offerings and even a few other server products like Serv-U that you deploy onsite.  So what can Serv-U MFT Server do for you that no other solution can?  The answer is SAVE MONEY.  Unlike almost every cloud offering and many on-premise offerings, Serv-U MFT Server lets an unlimited* number of end users share files and request files with anyone.

 

In practical terms, Serv-U makes it easy to calculate an ROI against almost any hosted offering on a per user basis.  For example, you can easily create a "what's a better deal" chart based on Serv-U's current retail price of $2995**, Serv-U's annual renewal charge of $599**, and a three-year timeframe (e.g,. total Serv-U MFT Server cost of $4,193 or $1,398/yr over three years).

 

Serv-U File Sharing ROI vs. Hosted Offerings (Over 3 Years)

 

Cost $ per user per month5 Users10 Users15 Users20 Users25 Users
$5not Serv-U
(pay $300/yr)

not Serv-U
(
pay $600/yr)

not Serv-U
(
pay $900/yr)

not Serv-U
(
pay $1,200/yr)

Serv-U ROI: $102/yr
(vs. $1,500/yr)

$10

not Serv-U
(pay $600/yr)

not Serv-U
(
pay $1,200/yr)

Serv-U ROI: $402/yr

(vs. $1,800/yr)

Serv-U ROI: $1,002/yr

(vs. $2,400/yr)

Serv-U ROI: $1,602/yr
(vs. $3,000/yr)
$15not Serv-U
(pay $900/yr)
Serv-U ROI: $402/yr
(vs. $1,800/yr)
Serv-U ROI: $1,302/yr
(vs. $2,700/yr)
Serv-U ROI: $2,202/yr
(vs. $3,600/yr)
Serv-U ROI: $3,102/yr
(vs. $4,500/yr)
$20not Serv-U
(pay $1,200/yr)
Serv-U ROI: $1,002/yr
(vs. $2,400/yr)
Serv-U ROI: $2,202/yr
(vs. $3,600/yr)
Serv-U ROI: $3,402/yr
(vs. $4,800/yr)
Serv-U ROI: $4,602
(vs. $6,000/yr)
$25Serv-U ROI: $102/yr
(vs. $1,500/yr)
Serv-U ROI: $1,602/yr
(vs. $3,000/yr)
Serv-U ROI: $3,102/yr
(vs. $4,500/yr)
Serv-U ROI: $4,602/yr
(vs. $6,000/yr)
Serv-U ROI: $6,102
(vs. $7,500/yr)
$30Serv-U ROI: $402/yr
(vs. $1,800/yr)
Serv-U ROI: $2,202/yr
(vs. $3,600/yr)
Serv-U ROI: $4,002/yr
(vs. $5,400/yr)
Serv-U ROI: $5,802/yr
(vs. $7,200/yr)
Serv-U ROI: $7,602/yr
(vs. $9,000/yr)
$35Serv-U ROI: $702/yr
(vs. $2,100/yr)
Serv-U ROI: $2,802/yr
(vs. $4,200/yr)
Serv-U ROI: $4,902/yr
(vs. $6,300/yr)
Serv-U ROI: $7,002/yr
(vs. $8,400/yr)
Serv-U ROI: $9,102/yr
(vs. $10,500/yr)
$40Serv-U ROI: $1,002/yr
(vs. $2,400/yr)
Serv-U ROI: $3,402/yr
(vs. $4,800/yr)
Serv-U ROI: $5,802/yr
(vs. $7,200/yr)
Serv-U ROI: $8,202/yr
(vs. $9,000/yr)
Serv-U ROI: $10,602
(vs. $12,000/yr)

 

* = OK, not quite unlimited; hardware and performance will eventually limit the number of users that a single Serv-U can support.  But at least there are no limits built into the software or licensing. 

** = US - legal also makes me say "subject to change"

Scott Adams is no stranger to controversy, and his latest strips may be swinging at offsite storage services - a.k.a. "the cloud."

Dogbert_Offsite_Storage.png

Read Thursday's full Dilbert cartoon here: http://www.dilbert.com/2013-07-18/

 

PointedHeadedBoss_Offsite_Storage.png

Read Friday's full Dilbert cartoon here: http://www.dilbert.com/2013-07-19

 

If it's in Dilbert, it's likely that companies are wising up to the rising costs and risk of lock-in from cloud services, like those providing off site storage or file sharing.

 

What Are the Alternatives?

 

Savvy sysadmins know there's very little cloud services can do that can't be done better - and often cheaper - by well-managed datacenters and disaster recovery.

 

As one anonymous poster noted on SlashDot this morning.

 

Your Datacenter + Your HA/DR site = You control where data is replicated.

Your data + Someone's cheap cloud service = You not having a damn clue when/where your data is replicated.

 

How Can SolarWinds Help?

 

SolarWinds applications such as Server and Application Monitor and Log & Event Manager can help you monitor and control your infrastructure better than any cloud service.  Other SolarWinds applications such as Serv-U MFT Server can be used to provide storage accessible from anywhere and secure file sharing.  (For more on that, join our file sharing webinar.on Thursday.)

What's red, white and blue and warns you when your log traffic is spiking?

kiwi_syslog_server_with_flag.png

Kiwi Syslog Server, of course!  (Red for errors, blue for info...) 

New this week: a two-minute guided tour (YouTube video) that shows you how Kiwi Syslog can monitor, archive and alert on your log files. 

 

 

Syslog Server Guided Tour

 

If you're in a hurry, here's a quick schedule of the guided syslog server video tour.

  • 0:10 - what types of messages Kiwi Syslog Server can supportmon
  • 0:20 - how many messages Kiwi Syslog Server can support
  • 0:25 - what the real time display looks like
  • 0:30 - a filtered real time display
  • 0:35 - the optional web interface
  • 0:40 - log file handing (split logs and archiving)
  • 0:55 - complying with retention policy requirements
  • 1:15 - reacting to message events with email, sounds and scripts
  • 1:25 - forwarding messages to database servers or other log servers
  • 1:45 - secure forwarding utility
  • 1:55 - conclusion, including overview/summary diagram (at 2:05)

I hope you're looking forward to some time off next week, maybe even enough time to start growing that beard you've always wanted.  With that in mind, here are some quick thoughts about beard length in the IT world.    

IT-Knowledge-To-Beard-Ratio-Jonathan-Lampe.png

IT Tools to Grow Your Beard

 

OK, we can't help you grow your own beard, but we can help you look even smarter at work.  Some of our favorite tools here include:

 

Like It? Please Share...

 

If this made your day, feel free to share with a colleague.  I'd also love to read your thoughts or links to similar cartoons in the comments section below.

A quick Bing search of German websites reveals a number of heavyweight secure file transfer options that require consulting services for deployment.  Our take?  Perhaps Germany's system administrators need something faster and easier.

 

Serv-U_Is_Speedy.png

The Elephants in The Room

 

Two of the first entries you will see on a German search for "secure file transfer" are heavyweight offerings from SEEBURGER and Envision Software.

 

SEEBURGER is a business integration and EDI company offering software for managed file transfer.  However, you can't just download and try the software for yourself without first talking to someone; their model requires you (or preferably, your boss) to hear about the many pieces of your business that need to be interconnected, even though you just want to put up a secure file transfer server and go home.

 

Envision Software doesn't actually make software.  Instead, they are a consulting operation that deploys IBM solutions (perhaps from IBM's Sterling Commerce acquisition) and Proginet EDI-based solutions.  Suffice it to say, none of that software can be downloaded immediately either.

 

And even if you could download something from these two companies, purchasing it with your credit card may not be possible.  These are enterprise software solutions...with enterprise software price tags.

 

Try & Buy Secure File Transfer Software Today

 

The recent trend in Germany, the UK and elsewhere in the EU has been for "enterprise" managed file transfer solutions to be replaced with less expensive secure file transfer solutions, such as SolarWinds Serv-U MFT Server, that are easier to deploy, easier to maintain, and easier for partners and employees to use.

 

Secure file transfer software is easier to deploy because it can be downloaded and installed from publicly available websites at any time.  Software trials are automatically activated and the products can normally be configured and started in less than ten minutes.  Even add-on components such as a secure DMZ Gateway can be deployed without a consultant or calls to the company’s support desk.

 

Secure file transfer options are easier to maintain because they can be plugged into existing Active Directory domains to provide authentication services and account information; this avoids hours of user maintenance.  Secure file transfer software may also take advantage of existing home folders, Windows shares and other enterprise storage, where other managed file transfer systems based on EDI technology practically require a hermetically sealed environment just to function.

 

Finally, secure file transfer products are easier for employees and partners to use.  They usually feature built-in web interfaces that allow people to securely upload and download files without requiring them to get an FTP client.  They may also allow for remote Web administration, provide tailored mobile interfaces, and send email so that even a novice user can by notified when files are uploaded, downloaded, or deleted.

 

Expect Native Support for Secure File Transfer in German

 

Yet another reason for the expansion of secure file transfer software is their growing support for the native language of their end-users.  SolarWinds Serv-U servers have native German interfaces, and support for languages is granular enough to provide different languages for different users.  To see how this works, download the FTP server today and select "German" when the installation prompts you for the desired language.

 

Get Affordable Secure File Transfer - Quickly

 

If you need secure file transfer software that avoids the hassle of "enterprise" sale cycles, deploys quickly and understands your language, consider Serv-U.  See how easy and affordable secure file transfer can be by downloading your free 30-day FTP server evaluation today.

A popular commercial FTP client has just been added as a new SolarWinds Free Tool!   FTP Voyager was first introduced in the mid-1990s and has been downloaded more than five million times since.   It was recently relaunched as a native 64-bit application with a fresh interface (and many other improvements) and is now available to the world for free.

 

SolarWinds recommends FTP Voyager for use with SolarWinds TFTP Server or our new Serv-U FTP Server, but we'd love it if you downloaded it and used it with any FTP server, SFTP server or FTPS server!

 

New FTP Client Tutorial Showcases New Interface

 

There are many FTP Voyager tutorials for our popular FTP client, but we wanted to say "thank you" to FatCat Servers for recutting a classic "how do you transfer files" video with the updated interface.

 


"Your FTP Voyager Video Here"

 

Have you published or seen a good FTP Voyager tutorial recently?  If so, please tell us about it in the comments below.

With the long weekend approaching I thought I'd share a fun look at what I've learned working in and around IT.

The-Longer-You-Work-In-IT-Jonathan-Lampe.png

IT Tools To Shorten Your Day


We can't fix all your workplace challenges, but we can help you wrap up and leave sooner.  Some of our favorite tools here include:


Like It? Please Share...


If you've ever felt the same way, feel free to share this with a colleague.  I'd also love to read your thoughts, experiences or links to similar cartoons in the comments section below. 

Don't Be a Sitting Duck!

 

Script kiddies test the defenses of FTP servers and SFTP servers (using SSH) every minute of every day.  IT administrators have gotten used to these probes, and smart ones have already enabled IP lockouts on their perimeter servers.  (This setting is on the "Server Settings" pane in Serv-U FTP Server.)

 

sitting_duck.jpg

However, there are a number of "well known" usernames that should never be used as usernames on FTP servers and SFTP servers because they are just too easy to guess.

 

10. administrator -  Very popular in Windows environments.  Don't use it on your FTP server.

9. oracle - Companies that like to write big checks to Larry often cut corners elsewhere to make the payments.  Don't follow the herd using "oracle" on systems that connect to the enterprise database.

8. mysql - Don't use the names of other databases or back-end infrastructure either. (Also avoid "sa", "sqlserver" , "nas", "postgres", etc..)

7. user - Popular test account, often set up with too many permissions, and often rolls over from the evaluation environment to production.

6. guest - "Sure, c'mon in.  You can use the bathroom, the phone and my checkbook."

5. apache - It's also common to see people name accounts after the web application they support with their FTP or SFTP services. (Also avoid "iis", "serv-u", "nginx", "www", etc.)

4. info - I'm honestly stumped on why "info" is popular (if you know, tell me in the comments), but it is.

3. test - "It's just a test account.  I promise I'll delete it - soon."

2. admin - Tempting to use in web applications (including Serv-U) because it's so short. Pick usernames like "[your initials]admin" instead to avoid script kiddies.

1. root - By far, the most popular attack target.  If you're building a honeypot, include root.  If not, don't.

 

Other Usernames to Avoid

 

Did I miss some the usernames you expected to see?  If so, tell me about them in the comments section below.

Quick—why do YOU transfer files from point A to point B?  Our experience shows that many of you are trying to:

  • Back up your data
  • Match up two different folders, or
  • Transfer a really big file without having to wait around


Did you know you can do all of those things and more with SolarWinds free FTP Voyager client?   This article shows you how, with five quick "file transfer recipes."  (Remember to download FTP Voyager before trying any of this on your own.)


How to Back Up Files From Your Desktop or Laptop


1. Obtain an account on either a remote FTP, SFTP or FTPS server such as Serv-U MFT Server
2. Open up the FTP Voyager Scheduler
3. Use the Backup Wizard to select local & remote folders
4. Schedule & run the backup


FTPVoyager_Backup.png


How to Synchronize Two Folders

 

1. Open FTP Voyager & open a connection to your FTP, SFTP or SFTP server

2. On your left pane, click into the local folder you want to synchronize

3. On your right pane, click into the remote folder you want to synchronize
4. Click the "Compare Folders" button between the two panes
5. Transfer files back and forth between the folders until all the files that are listed appear in green


FTPVoyager_SyncByHand.png


How to Shut Down After a Big (Unattended) Transfer


1. Open FTP Voyager & open a connection to your FTP, SFTP or SFTP server

2. Perform a test to make sure transfers work by downloading one or two small files

3. Go to the "Transfer Queue"

4. Change "On Queue Completion" to "Shut Down Computer"

5. Start the large file transfer & leave

6. Your computer will now automatically shut down when the big file transfer finishes


How to Synchronize Entire Folder Trees


1. Open FTP Voyager & open a connection to your FTP, SFTP or SFTP server

2. On your left pane, click into the local folder you want to synchronize

3. On your right pane, click into the remote folder you want to synchronize

4. Go to the "Tools" ribbon &  click on the "Synchronize" button

5. Confirm the parameters of the synchronization by looking at the Sync preview & making any necessary adjustments

6. When everything is set, click the "Synchronize" button

7. FTP Voyager will automatically make all necessary transfers & deletions to synchronize your folders & all their subfolders


FTPVoyager_SyncUtility.png

How to Get Email Alerts When Files Arrive

 

1. Open FTP Voyager & then open your Site Profiles

2. Select the server that you want to watch & select "Copy to Scheduler" from the menu
3. Open FTP Voyager Scheduler
4. Create a new transfer task
5. Add a "Download" action that points to your expected file
6. Reopen your "Download action & go to the "Events" tab
7. Add a "Send Email" event action to send you an email when the "File Downloaded" event occurs


Try It Yourself

 

To try out any of these recipies yourself, download FTP Voyager Free FTP Client today.

Whether you've been using FileZilla® as your main FTP client for a month or five years, there comes a point when you realize it can only do so much—and it's looking a bit long in the tooth. Yes, FileZilla supports multiple protocols and, yes, it's free, but a few other options have come along since FileZilla first appeared on the scene in 2001. Here are three desktop alternatives that feature modernized interfaces, free transfer schedulers, or free synchronization tools.

Ripe_Bananas_FTP_Client.png

 

Free FTP Client Alternative for Windows®

 

SolarWinds' own FTP Voyager® handles the same protocols as FileZilla: FTP, FTPS and SFTP. However, FTP Voyager also includes a free transfer schedule service and synchronization utilities. As a native 64-bit app using the same type of ribbon interface now seen in every Office® application, FTP Voyager feels particularly at home on Windows 7 desktops and laptops.

FTPVoyager_240.png

 

To get your own free copy, download FTP Voyager now.

 

Is FTP Voyager Really a Free FTP Client? 

 

Although FTP Voyager was previously sold for about $50/copy, we decided to re-release it as a free tool in 2012. So, yes: it's completely free, and it's the full version.

 

Free FTP Client Alternative for Mac®

 

If you transfer files from Mac desktops, you may want to consider an OS X client called Cyberduck. If you don't mind the "get a donation key" banner, you'll have a desktop client that supports FTP, SFTP and FTPS, just like FileZilla. The only thing you may have to get used to is the single-pane, drag-and-drop interface, but those of you with only one mouse button are probably already familiar with that. 

 

cyberduck_240.png

 

Free FTP Client Alternative for Firefox®

 

If you run Firefox as your primary Web browser, you can download and install a plug-in called "FireFTP" that provides the same traditional side-by-side transfer windows as FileZilla. Like FileZilla, FireFTP supports FTP, SFTP and FTPS connections. However, since it's entirely browser-based, it does not help with scheduled or command line-driven transfers. 

 

fireftp_240.png


Is your auditor getting under your skin?  What if you told her that she could have all the logs from ALL your routers, ALL your servers and many other devices for the past few years - would that keep her out of your hair for a while?


Kiwi_Syslog_Makes_Auditors_Smile.gif


Fortunately, SolarWinds offers a product in Kiwi Syslog Server that allows you to hold on to logs as long as you want, and not a day longer, with individual devices or networks logging to their own set of managed log files.

Log Retention Best Practices

1) Plan to Keep All Your Logs for Several Years

Every industry is regulated differently, and businesses are often subject to different tax, liability and privacy regulations in different locations.   Some common recommended retention periods include: 


In most cases it is wise to plan to retain your logs for several years, with "seven years" serving as a safe common denominator. 

2) Draft and Approve a Retention Policy

A written, mandatory policy for document retention and destruction is standard operating procedure for publicly traded companies operating under Sarbanes-Oxley  (SOX), but it is also a good idea for other companies as well.  A written policy, approved by legal council and senior management, gives the IT department the requirements and authority to shape document retention, including logs. 

There are many sample retention policies available online, such as this document retention policy template provided by the University of Wisconsin.

3) Automate Log Archival and Retention

To avoid manual mistakes and interruptions, you should automate every possible aspect of your log archival and retention process.

  • Collection: use Syslog or SNMP traps to collect logs from every possible source
  • Archival: set up your "to disk" logging rules to log separate logs for each device and write a new log for each device each day
  • Retention: set up file compression rules to reduce the space used by logs after a few days, then use file deletion rules to automatically delete logs more than a certain number of years old


How to Automate Log Retention with Kiwi Syslog Server

 

  1. Download and install Kiwi Syslog Server.
  2. Configure your routers, computers, applications and other sources to log to the syslog server.
  3. Split each source into its own file.  For each source:
    • Create a new Kiwi Syslog Server rule.
    • Add a "IP address" filter to the rule that matches the source's IP address.
    • Add a "Log to File" action to the rule to log to a specific file.
    • Use a file name that contains "%DateISO", such as "router_192-168-1-1_%DateISO.log", to get a different file for each day
  4. Create a Kiwi Syslog Server Schedule that runs every day and moves old files into a compressed archive.
    • Create a new "Archive" schedule and set the frequency to "Day."
    • Point the source to your log folder.  Keep a file mask of "*.*" to select all log files. 
      • Set a file age of about seven days.  (Only keep what you need for current analysis.)
    • Point the destination to a separate log archive folder. 
      • Make sure the "Move files...", not the "Copy files..." option is selected.
    • On the "Archive Options" tab, check the "Zip files after..." option.
      • You many also want to increase the compression level.
    • On the "Archive Notifications" tab, you may want to set up an archive report. 
  5. Create a second Kiwi Syslog Server Schedule that runs every day and cleans out the archive folder.
    • Create a new "Clean-Up" schedule and set the frequency to "Day."
    • Point the source to your log ARCHIVE folder.  Keep a file mask of "*.*" to select all log files. 
      • Set a file age of about seven years.  (Keep as many years as your retention policy requires.)
    • On the "Clean-up Notification" tab, you may want to set up an archive report. 


To try this procedure in your own deployment,  download a free, full-featured trial today.

Did you know that you can use Kiwi Syslog Server from SolarWinds to archive your Windows Event Logs?  (Handy if you need to meet regulatory requirements such as SOX, HIPAA or PCI-DSS.)

 

This video shows how SolarWinds Log Forwarder for Windows can be configured to send some or all your logs to one or more syslog servers. From there, Kiwi Syslog Server can be used to archive, compress and eventually purge your logs as your retention policy dictates.

 

How to Get SolarWinds Log Forwarder for Windows

 

You can download Log Forwarder for Windows from here. And it is also included as part of your Kiwi Syslog Server download file.

Capture.PNG

 

After you install the software, a Windows service will automatically start, but you need to configure the utility before it will forward Windows Event Logs. Start by opening the configuration utility from your Start Menu.  Then set up at least one Syslog Server (IP address and port number) and one "subscription" (which defines which event logs you want to forward).

KSS_9-5_LOG-FORWARDER-WINDOWS_Base_EN.PNG

Filter Blog

By date: By tag: