We are planning to setup a syslog server. i.e, move from Orion inbuilt syslog to kiwi syslog.
We are not utilizing orion inbuilt at this point to fullest. Just few devices are configured to send logs to this inbuilt syslog
We have around 5 devices per centers across 60 location (13 Countries)
1) 2 Routers
2) 1 Bandwidth Shaper
3) 2 Switch Stacks
4) 1 WLC with 10 APs minimum
I would like to what is the best approach.
1) How many syslog license i should be looking at?
2) What kind of server configuration is required ?
3) We need a log retention policy of 15 days. Should I consider to setup a DB to for log storage?
4) Can the Orion inbuilt syslog write messages to external DB storage
To answer your Kiwi Syslog questions:
1. 1) How many syslog license i should be looking at? - This depends on your volume. One syslog server can receive 2,000,000 messages when logging to one rule (display and log to file.
2. 2) What kind of server configuration is required ? - By default none, the configuration is done on the remote devices.
3. 3) We need a log retention policy of 15 days. Should I consider to setup a DB to for log storage? - Kiwi Syslog can do log file rotation for you: Kiwi Syslog Server
Depending on the volume, you may want to log to a database.
4) Can the Orion inbuilt syslog write messages to external DB storage / Please explain this question more in detail.
For more than 5 devices, it looks like you'll need the commercial license:
System requirements for Kiwi can be found here:
You may want to ask around the Kiwi forums vs. LEM if all you want is a syslog server and advice on setting it up.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.