Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

New KiwiSyslog server user

I have downloaded the trial version of Kiwisyslog server. While I have read as musch of the documentation I can I still need some answers before I recommend my organization purchases it. I have installed it and I am currently pulling syslog for my Cisco ASA 5510 successfully.

1.) I have logged into the web access component and I can view the live syslog. Can the web access view anything besides the live file being built? I have the logs aging after a 24 hour period and when I try to run a filter that has the date corresponding to an aged file it stilll only brings up the current file being logged. The date part of the filter allows me to change the date but I cannot get it to pull the date requested.

2.) Could I build a filter in the web access that would allow me to see what any given private (mine)IP address was accessing at any given time? And if I could do this would it be possible to access those older aged syslog files.( Same as question 1 )

Any help would be appreciated

Find more posts tagged with

Accepted answers

All comments

bshopp

Can the web access view anything besides the live file being built?

Can you elaborate, what would you like to see?

I have the logs aging after a 24 hour period and when I try to run a filter that has the date corresponding to an aged file it stilll only brings up the current file being logged. The date part of the filter allows me to change the date but I cannot get it to pull the date requested.

If you are logging to a file, what is logged here is separate from what you can view in the web console. Assuming you have actions to log all Syslogs received to a file and to the web console, the web console view is coming from an embedded SQL CE database. In the web console, you can specify how long Syslog messages are able to be viewed there before they are aged out. Also keep in mind, if you have high volumes it stores 4GB and if your aging rule has not been reached, the oldest will delete out automatically

Could I build a filter in the web access that would allow me to see what any given private (mine)IP address was accessing at any given time? And if I could do this would it be possible to access those older aged syslog files.( Same as question 1 )

I don't have an install in front of me, but you should be able to create this filter in the web console. However, it will only apply to the Syslog messages you currently have in the web database. You can open the Syslog messages logged to a file with the Syslog Win32 UI or some customer also purchase our Log Viewer to open older log file version to view and search in them.

If any of these do not make sense, let me know, happy to help out and get your questions answered.

Eric_Hutchinson

Thanks for the quick answer bshopp.

I will try to be a little more clear.

I have the syslogs aging after 24 hours. This means that so far I have about ten files for the last ten days. In the filters part of the web app ( which I have running on my PC) can I see what URL's any given IP has accessed on any of those ten files that are on the PC running kiwi syslog server.

Thanks

bshopp

The web console access is not accessing those files on the Kiwi Syslog server. Let me explain further:

Kiwi Syslog win32 client on the Kiwi server is used for settings and long term storage and more advanced actions like email alerts etc. The Syslog messages can be stored to a file or a DB etc.
Kiwi Web Access is more for short term viewing of Syslog message.

Syslog messages are essentially duplicated for the web console and storage in a SQL CE database. In your situation you the Syslog message being logged to a file on the server, rotating to create a new file each day. You have another action which logs then to the web console. The web console is not intended for long term storage, as a SQL CE database can only store so much data.

I believe what you are ultimately asking for, please correct me I am wrong is auditing in the web console of what filters or Syslog messages a particular user has requested/accessed for a given period of time, is that correct? If yes, then the answer is no, you cannot do this. The Kiwi Web Console allows you to define up to 5 user accounts.

If I am still missing what you are after let me know and we can take this offline and discuss via email or phone