Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

Archiving the Contents of the Syslog Table

Our compliance folks mandate a retention of 2 years for Syslog events and our Syslog table in Orion has grown beyond belief. It contains close to 200 million rows!

We are looking into serious log management solutions, and expect to get there within the year, but we need to do something in the meantime to reduce the size of that table.

In the meantime, I'm wondering what is the best option to archive the contents of the Syslog table before purging it. The main consideration is for saving the table in a format that would be reasonably easy to import into a log management tool.

Has anyone successfully done something like this?

Find more posts tagged with

syslog

Accepted answers

All comments

byrona

I would strongly recommend you don't try and use the Orion syslog functionality for any form of log management; it's only designed for log alerting and if you try and do anything compliance related with it you are going to run into problems.

If you want something to satisfy compliance requirements that is fast and inexpensive to get up and running you should check out the SolarWinds Kiwi syslog server HERE; for a small product its relatively robust allowing you to both roll the logs, parse the logs into different files and zip/archive them as well. At least give the free demo a try.

netlogix

you can export it many different way, but in any case, even if you left the data in Orion's syslog table, you might have some issues getting the data into your next syslog server. One way would be to just backup the whole orion database, then restore to a new name when you get to the need to do something about importing it. if you don't like that, then you could use bcp, but that will requiring investing sometime to understand it. Just doing a backup and restore to a different DB name is easy!

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Help
Best Of