Hi everyone,
I'm currently working on integrating Kiwi Syslog Server with SolarWinds SEM, and I've encountered a challenge I hope someone here can help with.
Here’s my current setup:
All logs from multiple sources are being forwarded to centralized Kiwi Syslog Servers.
I successfully configured SEM agents on the Kiwi servers.
These agents are monitoring the log file to which Kiwi writes all incoming syslog messages.
The logs are indeed reaching SEM, and I can see them inside the SEM console.
The issue:
SEM is not parsing or classifying the incoming syslog messages properly.
The events are showing up as generic logs.
No parsing, no categorization, no filtering options, and no ability to trigger rules or active responses.
The format being written by Kiwi is the default one.
I’ve reviewed the Kiwi log output formats, and unfortunately, none of the available templates match SEM’s expected format.
Also, I couldn't find a dedicated connector or supported parser for logs originating from Kiwi Syslog Server.
My questions:
Is there any recommended log format or custom template I can configure in Kiwi to make the logs compatible with SEM?
Is there a way to manually map or parse these syslog messages in SEM?
Are there any existing connectors for Kiwi logs or a similar workaround others have used?
I’d really appreciate any advice, templates, or shared experience that could help.
Thanks in advance