[logs] Syslog client alternatives for NT

From: Frank Solomon (sysfrankat_private)
Date: Fri Nov 09 2001 - 13:39:06 PST


    Greetings:
    
    We're currently working on developing a central syslog strategy.
    
    Unix boxes seem to be very little problem.  We've got every kind there is. . .
    
    We think we might be able to figure out how to trim out the garbage from 
    our firewall boxes; although this hasn't been proven yet.
    
    We might even be able to integrate our Cisco IDS stuff, if we can ever get 
    that working. . .we're not sure.
    
    But we're curious how others have solved the centralization of logs from 
    other kinds of systems.  Specifically, Windows 2000 or NT Servers, Novell 
    Servers running in the NDS environment, and IBM Mainframes running MVS.
    
    Right now we're experimenting with some free syslog client software called 
    Backlog for NT.  But, it seems kind of poor in that it doesn't set the 
    Facility or Priority of the log messages dynamically based on the content 
    of the NT Event log message.  What's better?  Free or otherwise.
    
    We're at a bit of a loss on NetWare; it looks like the "syslog" it has 
    doesn't log remotely?  Or does it?  Also, apparently a lot of the data gets 
    squirrelled away in the NDS (directory).  Is there something that can 
    forward this stuff in real time to a syslog daemon somewhere?  What are 
    others doing?
    
    The mainframe guys laughed at me when I suggested we might want them to 
    forward logs to a central server.  MVS when it impersonates Unix does have 
    a syslog facility.  But, it doesn't look like much useful stuff comes out 
    of it.  Is there something that makes the console log available via 
    syslog?  What about ACF2 logs?  Any hope here?  Once again, what are others 
    doing?
    
    Certainly, we could buy some big expensive package from Pentasafe or IBM; 
    but, we'd like to avoid that if we could, and work things into a syslog 
    environment.
    
    Thanks in advance,
    
    Frank
    
    *****************************************
    Frank Solomon
    University of Kentucky
    http://www.franksolomon.net
    
    A good mechanic only needs two tools:  Duct tape and WD40.
    WD40 to make things go; and duct tape to make them stop.
    --unknown
    *****************************************
    
    
    



    This archive was generated by hypermail 2b30 : Fri Nov 09 2001 - 14:03:16 PST
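
The gap raised in the message, a forwarder that does not derive Facility and Priority from the NT event itself, comes down to a small mapping step before the packet is built. The sketch below is an added example, not part of the original post and not code from Backlog or any other product; the facility/severity policy, the host name and the sample record are assumptions.

```python
from datetime import datetime

# Facility and severity codes from RFC 3164.
FACILITY = {"daemon": 3, "authpriv": 10, "local0": 16}
SEVERITY = {"err": 3, "warning": 4, "notice": 5, "info": 6}

# Assumed policy: which facility each NT event log is filed under.
LOG_TO_FACILITY = {"System": "daemon", "Security": "authpriv",
                   "Application": "local0"}

# NT EventType bit values (EVENTLOG_*) mapped to an assumed severity.
TYPE_TO_SEVERITY = {
    0x0001: "err",      # Error
    0x0002: "warning",  # Warning
    0x0004: "info",     # Information
    0x0008: "notice",   # Audit Success
    0x0010: "warning",  # Audit Failure
}

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
MAX_PACKET = 1024  # RFC 3164 limit on the whole packet


def pri(log_name, event_type):
    """PRI = facility * 8 + severity; unknown inputs fall back to local0.notice."""
    fac = FACILITY[LOG_TO_FACILITY.get(log_name, "local0")]
    sev = SEVERITY[TYPE_TO_SEVERITY.get(event_type, "notice")]
    return fac * 8 + sev


def to_syslog(event):
    """Render one event record (a dict) as an RFC 3164 packet (bytes)."""
    ts = event["time"]
    stamp = "%s %2d %02d:%02d:%02d" % (MONTHS[ts.month - 1], ts.day,
                                       ts.hour, ts.minute, ts.second)
    # TAG must be alphanumeric and at most 32 characters.
    tag = "".join(c for c in event["source"]
                  if c.isascii() and c.isalnum())[:32] or "eventlog"
    # Event text is multi-line; collapse CR/LF/tabs so it stays one record.
    text = " ".join(event["message"].split())
    line = "<%d>%s %s %s: [%d] %s" % (pri(event["log"], event["type"]), stamp,
                                      event["host"], tag, event["id"], text)
    return line.encode("ascii", "replace")[:MAX_PACKET]


# Constructed sample record (host name and text are made up for the example).
SAMPLE = {"log": "Security", "type": 0x0010, "id": 529, "source": "Security",
          "host": "NTSRV01", "time": datetime(2001, 11, 9, 13, 39, 6),
          "message": "Logon Failure:\r\n\tReason:\tUnknown user name or bad "
                     "password\r\n\tUser Name:\tadministrator"}
```

With this mapping a Security-log audit failure arrives as authpriv.warning, so the central syslog.conf can route and filter NT events by selector instead of receiving everything under one fixed facility.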