Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 7

How to monitor Syslog Server

Hi Folks,

I'm looking at what we need to monitor to ensure that Kiwi Syslog Server is actually  running OK.

The obvious metrics are :-

-   "Kiwi Syslog Server" service is "Running"

-   Process Syslogd_Service exists

-   Is searching for "error" in the errorlog.txt a valid check?

We also plan to email an alert if we receive less than X messages in 60 mins, but if Kiwi Syslog Server is not running correctly,

we won't get this message!

Do we really? need to check if no logfiles have been updated in say the last 5 minutes ?  (if log files are generally  created at least every minute)

Any thoughts on how we can determine that KSS is actually running OK?

Many Thanks,

0 Kudos
1 Reply
Level 12

The email for less than X messages is useful for other issues not necessarily direct KSS errors.  If you normally get 1000 messages in 5 minutes and only got 10 there may be an issue(network, sending hosts, FW, etc).

The service and/or process monitor are the most important.  Then the log file.  Most errors will end up crashing/stopping the service.  Some will leave it in a running state but not processing(rare).  We don't alert on just "error" anymore since some errors don't have an impact. 

Our current strings are:

FlushCacheLines <Encoding Failed>

Out of String Space


Automation Error

Unspecified Error

mswinsck.ocx Error

Unable to determine remaining space on drive C:

Unable to open

Unable to bind