Aforsythe

Yes you can. Strangely enough, this is listed in the help under "Script Variables" and technically it IS a script variable, but I feel it needs to be documented somewhere more intuitively. What you want to do is set Fields.ActionQuit = 1000 and that will stop processing the message. 0 clears it. 1-99 sets it to skip the…

I don’t know that you need a regex to filter this. Use a complex filter and then in the Include (Or Exclude if that’s what you’re trying to do) The Complex filter provides 2 text boxes for Include and 2 for Exclude. Put this string in 1st box: “%LINK-3-UPDOWN: Interface” Then put this string in the 2nd box: “changed to up”…

There is script that you can setup to alert by host and you can find it here: Script for monitoring Host Check in times Let me know if you have any problems with editing or implementation and I can help you.

I'm on the latest version so this is from memory... Depending on your version, the overflow buffer may be 20k or 100k and may or may not be configurable. There is also an alert threshold that you can set (at least in 9.3) that defaults to 0, so if ANY messages overflow you'll get an alert to let you know. You can check the…

Cyrill, You can do this and it's very customizable. You'll want to set your log-to-file action to rotate by file age and set it to one day. This will get you an individual file every day for the device(s) you are logging to that file. You will then want to go to schedules within Kiwi and create a new scheduled action.…

Rick, You should be able to just install Kiwi Web-access. I would first remove it completly using the "Add Remove Programs" option in windows. Then look in your installation folder for Kiwi Syslog Server. There should be a subfolder \Setup and in that folder is a file called: KiwiSyslogWebAccess_1.4.4_Setup.exe That file…

Chuck, Sorry I haven't had time to check in on the forums lately, and you may have already figured out the answer to this. The only thing I can think of that would cause the basic empty sub Main{} not to work is if the "Script Language" setting in the Run Script action was set to something other than Perl, and it would…

Without seeing your rules and settings for logging, I'd just be making guesses like maybe it timed out trying to create a file, and possibly recovered the next time it hit the the LogToFile Action, but I would think there would be a time-out error is that occurred.

Are you forwarding via script? or using the "Send Syslog Action"? or are you using the "Forward to another host" action? I'm using the forward to another host action and it's working fine for me... Then again, I'm forwarding to another kiwi host and not using Lem.

GMF, There are several reasons I can think of why you might see something in the Service Manager, but not see it in the web manager. There is only one reason I can see that you would be experiencing the opposite and that is filters. If you can see the message in the web access, but not the service manager display, you must…

With just the default configuration of Kiwi, you should see all of your logs in the default display, so if you're not seeing ANY logs, then I would look at the windows firewall settings and make sure you're allowing port udp514, also check any routers or firewalls you might have between your devices and Kiwi for ACLs that…

srikantm​, Kiwi does not have reporting capability out of the box, it all has to be scripted. You could do this via a local installation of MySQL or SQL Server (my preferences for DB Engines) and use their built in SMTP configuration to attach and email the report as part of a stored procedure that generates and exports…

1. Correct. 2. They will be persistent, but it doesn't hurt to back them up anyway. I've been through 4 upgrades and have had no problem. But things happen. From the file menu, you can export your settings to an INI file and this will account for all of your rules, filters, schedules, database formats and login credentials…

You don't have to configure anything within Kiwi to collect data. Each device needs to be individually configured within the device itself to syslog. Depending on how many devices and how much information you are logging, you will probably want to setup a seperate display and log-file rotation for each device, but even…

The Procurves really don't over complicate things when it comes to enabling Syslog. I would try setting the Severity to debug just to see if you get anything. The facility should not matter unless you are filtering based on that. I would ask about your filters, but you seem to know what you're doing and if you're…

The IP Address/Range filters do filter on source IP and not the content of the syslog message. In order to filter on message content, you have to use the message filters and regex expressions or write a script to parse the actual syslog message.

I've never had to uninstall it, but here are some places you can check... Look in the system registry under HKEY_Local_Machine \Software\SolarWinds and remove that key. Unless you installed to another directory, you can also just try looking for the syslogd folder and remove it. EDIT: This solution applies to any software…

Jens, Those statistics are calculated upon receipt of the message prior to any rules or filters. If you want stats that exclude those messages, you will need to build a script to collect your own stats after all of your filters. If you check the scripts that are available here for download, you will find the script that…

I'm curious as well... I missed 2012 and have been waiting for some kind of announcement...

If you're wanting to find This: CID34000 Shaynet 1000000 But not this: CID34000 Shaynet 34000 Then you'll want to do something like this: Select InterfaceAlias, CircuitID FROM Interfaces Where CircuitID is not null AND Patindex('%' + CircuitID + '%' ,InterfaceAlias) = 0 You may need to cast/convert CircuitID depending on…

svermette2, I had the same issue twice just upgrading from one version to another and on two different OS/hardware configurations, multiple attempts to upgrade were failing at the end, sometimes with the error you mentioned. The way I resolved this, was to shutdown kiwi completely, stop the service manually and close out…

I don’t believe there is a free edition any longer, only the trial and the full version. What link are you clicking?

EDIT: I suppose I should have read the subject of your topic... Still you can do the same thing for a web filter using regular expressions filtering on message text. If you want to ONLY send those messages to web access, you can use the filter below with your "log to kiwi web access" action rule. You can definitely filter…

Hrm... Syslog messages should be hierarchical, meaning setting it to Info or Debug should get you all of the messages higher than that. So theoretically you should be seeing warning and above if you're already seeing notice and info. It should be as simple as: config term logging host x.x.x.x logging traps 7 (if you want…

You can definitely script this if the problem is consistent enough to write logic for. But you'll have to be familliar with at least one of the supported scripting languages and you will not be able to rely on your kiwi generated statistics because they will be wrong. In your example, if this: 02-06-2013 13:01:35…