I am using NFR's SLR, have several routers, load balancers, NT event logs and two firewall logging at level "warnings". The SLR has a discard rule that makes getting rid of unwanted messages easy. I also have it set to alert on things like "UPDOWN" - pretty handy. If there is time it is very fun playing with open source. Since there isn't, having support is the best. In my opinion :)... Cheers Jerry Gibson > -----Original Message----- > From: Frank Solomon [SMTP:sysfrankat_private] > Sent: Friday, November 09, 2001 1:39 PM > To: loganalysisat_private > Subject: [logs] Syslog client alternatives for NT > > Greetings: > > We're currently working on developing a central syslog strategy. > > Unix boxes seem to be very little problem. We've got every kind there is. > . . > > We think we might be able to figure out how to trim out the garbage from > our firewall boxes; although this hasn't been proven yet. > > We might even be able to integrate our Cisco IDS stuff, if we can ever get > > that working. . .we're not sure. > > But we're curious how others have solved the centralization of logs from > other kinds of systems. Specifically, Windows2000 or NT Servers, Novell > Servers running in the NDS environment, and IBM Mainframes running MVS. > > Right now we're experimenting with some free syslog client software called > > Backlog for NT. But, it seems kind of poor in that it doesn't set the > Facility or Priority of the log messages dynamically based on the content > of the NT Event log message. What's better? Free or otherwise. > > We're at a bit of a loss on Netware; it looks like the "syslog" it has > doesn't log remotely? Or does it? Also, apparently a lot of the data > gets > squirrelled away in the NDS (directory). Is there something that can > forward this stuff in real time to a syslog daemon somewhere? What are > others doing? > > The mainframe guys laughed at me when I suggested we might want them to > forward logs to a central server. MVS when it impersonates Unix does have > > a syslog facility. But, it doesn't look like much useful stuff comes out > of it. Is there something that makes the console log available via > syslog? What about ACF2 logs? Any hope here? Once again, what are > others > doing? > > Certainly, we could buy some big expensive package from Pentasafe or IBM; > but, we'd like to avoid that if we could, and work things into a syslog > environment. > > Thanks in advance, > > Frank > > ***************************************** > Frank Solomon > University of Kentucky > http://www.franksolomon.net > > A good mechanic only needs two tools: Duct tape and WD40. > WD40 to make things go; and duct tape to make them stop. > --unknown > ***************************************** > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: loganalysis-unsubscribeat_private > For additional commands, e-mail: loganalysis-helpat_private --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Nov 09 2001 - 15:15:43 PST