Setting up a syslog server help....

We are a small shop IT department and it has been emphasized to us to monitor our syslogs.  We do not have a lot of background in this.  I have been playing with KIWI but the amount of logs to gather is overwhelming.  We need some guidance or best practices for setting up a log server and what to focus on.  We have firewalls, switches and multiple Windows servers.  I can easily gather all the info but knowing what to focus in on is the hard part.  Any guidance would be helpful.  Out of all the documentation I have not found something like this or I don't know what to look for.  Thanks!

Phillip

  • Phillip, this really depends on your logging compliance needs.  Most of the traffic most people receive (up to 98%) are informational messages.  I would configure your devices to send notice and above.  This should drastically reduce the number of syslogs coming into your Kiwi Syslog server.
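
To see what a "notice and above" threshold keeps, here is an added example (not part of the reply above, and not Kiwi's own code) that decodes the syslog `<PRI>` header and splits messages by severity. The sample lines, function names and the choice to keep unparseable lines are assumptions made for illustration.

```python
import re
from collections import Counter

# Syslog severity names; index = numeric severity (0 is the most severe).
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")

def parse_pri(line):
    """Return (facility, severity) from the leading <PRI>, or None if malformed."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # highest valid PRI is facility 23 * 8 + severity 7
        return None
    return divmod(pri, 8)  # PRI = facility * 8 + severity

def triage(lines, threshold="notice"):
    """Split lines into kept (threshold or more severe) and dropped; count per severity."""
    limit = SEVERITIES.index(threshold)
    kept, dropped, counts = [], [], Counter()
    for line in lines:
        parsed = parse_pri(line)
        if parsed is None:
            # Assumption: keep unparseable lines so a misconfigured sender stays visible.
            counts["unparsed"] += 1
            kept.append(line)
            continue
        _, sev = parsed
        counts[SEVERITIES[sev]] += 1
        (kept if sev <= limit else dropped).append(line)
    return kept, dropped, counts

# Constructed sample messages (not captured from real devices).
SAMPLE = [
    "<134>Jan 10 08:00:01 fw01 kernel: connection built 10.0.0.5 -> 192.0.2.10",     # local0.info
    "<134>Jan 10 08:00:02 fw01 kernel: connection teardown 10.0.0.5 -> 192.0.2.10",  # local0.info
    "<189>Jan 10 08:00:05 sw01 LINK: interface Gi0/1 changed state to up",           # local7.notice
    "<132>Jan 10 08:01:10 fw01 auth: login failed for admin from 10.0.0.77",         # local0.warning
    "<187>Jan 10 08:02:00 sw01 PSU: power supply 2 failure",                         # local7.err
    "<191>Jan 10 08:02:01 sw01 debug: spanning tree timer tick",                     # local7.debug
    "Jan 10 08:03:00 srv01 message without a priority header",                       # no PRI
]

if __name__ == "__main__":
    kept, dropped, counts = triage(SAMPLE)
    print(dict(counts))
    for line in kept:
        print("KEEP", line)
```

Running the same count over a day of your own collected logs shows how much volume the threshold removes before you change any device configuration.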
