RE: [logs] Syslog client alternatives for NT

From: Tina Bird (tbird@precision-guesswork.com)
Date: Fri Nov 09 2001 - 13:16:00 PST


    How does the SLR get the NT data?  Does it do Netware
    or mainframes?  And what did it cost?
    
    I've been very impressed with what I've seen of it, but
    it's a higher dollar acquisition than EventReporter...
    
    On Fri, 9 Nov 2001, Gibson, Jerry,, DMDCWEST wrote:
    
    > Date: Fri, 9 Nov 2001 17:33:31 -0500 
    > From: "Gibson, Jerry,, DMDCWEST" <GibsonJBat_private>
    > To: 'Frank Solomon' <sysfrankat_private>, loganalysisat_private
    > Subject: RE: [logs] Syslog client alternatives for NT
    > 
    > I am using NFR's SLR, have several routers, load balancers, NT event logs
    > and two firewalls logging at level "warnings".  The SLR has a discard rule
    > that makes getting rid of unwanted messages easy.  I also have it set to
    > alert on things like "UPDOWN" - pretty handy.   If there is time it is very
    > fun playing with open source.   Since there isn't, having support is the
    > best.  In my opinion :)...
    > Cheers
    > Jerry Gibson 
    > 
    > > -----Original Message-----
    > > From:	Frank Solomon [SMTP:sysfrankat_private]
    > > Sent:	Friday, November 09, 2001 1:39 PM
    > > To:	loganalysisat_private
    > > Subject:	[logs] Syslog client alternatives for NT
    > > 
    > > Greetings:
    > > 
    > > We're currently working on developing a central syslog strategy.
    > > 
    > > Unix boxes seem to be very little problem.  We've got every kind there
    > > is. . .
    > > 
    > > We think we might be able to figure out how to trim out the garbage from 
    > > our firewall boxes; although this hasn't been proven yet.
    > > 
    > > We might even be able to integrate our Cisco IDS stuff, if we can ever get
    > > that working. . .we're not sure.
    > > 
    > > But we're curious how others have solved the centralization of logs from 
    > > other kinds of systems.  Specifically, Windows2000 or NT Servers, Novell 
    > > Servers running in the NDS environment, and IBM Mainframes running MVS.
    > > 
    > > Right now we're experimenting with some free syslog client software called
    > > Backlog for NT.  But, it seems kind of poor in that it doesn't set the 
    > > Facility or Priority of the log messages dynamically based on the content 
    > > of the NT Event log message.  What's better?  Free or otherwise.
    > > 
    > > We're at a bit of a loss on Netware; it looks like the "syslog" it has 
    > > doesn't log remotely?  Or does it?  Also, apparently a lot of the data gets
    > > squirrelled away in the NDS (directory).  Is there something that can 
    > > forward this stuff in real time to a syslog daemon somewhere?  What are 
    > > others doing?
    > > 
    > > The mainframe guys laughed at me when I suggested we might want them to 
    > > forward logs to a central server.  MVS when it impersonates Unix does have
    > > a syslog facility.  But, it doesn't look like much useful stuff comes out 
    > > of it.  Is there something that makes the console log available via 
    > > syslog?  What about ACF2 logs?  Any hope here?  Once again, what are others
    > > doing?
    > > 
    > > Certainly, we could buy some big expensive package from Pentasafe or IBM; 
    > > but, we'd like to avoid that if we could, and work things into a syslog 
    > > environment.
    > > 
    > > Thanks in advance,
    > > 
    > > Frank
    > > 
    > > *****************************************
    > > Frank Solomon
    > > University of Kentucky
    > > http://www.franksolomon.net
    > > 
    > > A good mechanic only needs two tools:  Duct tape and WD40.
    > > WD40 to make things go; and duct tape to make them stop.
    > > --unknown
    > > *****************************************
    > > 
    > > 
    > > ---------------------------------------------------------------------
    > > To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    > > For additional commands, e-mail: loganalysis-helpat_private
    > 
    
    "I was being patient, but it took too long." - 
                                    Anya, "Buffy the Vampire Slayer"
    
    Log Analysis: http://www.counterpane.com/log-analysis.html
    VPN:  http://kubarb.phsx.ukans.edu/~tbird/vpn.html
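
The quoted question in this thread notes that Backlog does not set the Facility or Priority from the content of the NT event. As an added example (not from the thread and not the code of any product named in it), this Python sketch shows that per-event mapping; the mapping policy, the field names and the sample events are assumptions constructed for illustration.

```python
"""Map NT Event Log records to RFC 3164 syslog lines with a per-event PRI."""

# Syslog facility and severity codes (RFC 3164).
FACILITIES = {"user": 1, "daemon": 3, "auth": 4, "local0": 16}
SEVERITIES = {"err": 3, "warning": 4, "notice": 5, "info": 6}

# Assumed policy, not taken from any product: facility by source log,
# severity by NT event type.
LOG_TO_FACILITY = {"Security": "auth", "System": "daemon", "Application": "local0"}
TYPE_TO_SEVERITY = {
    "Error": "err",
    "Warning": "warning",
    "Information": "info",
    "Audit Success": "notice",
    "Audit Failure": "warning",
}

# Constructed sample events (hypothetical host name and field layout).
SAMPLE_EVENTS = [
    {"log": "Security", "type": "Audit Failure", "source": "Security", "id": 529,
     "time": "Nov  9 13:39:00", "host": "NTSRV01",
     "message": "Logon Failure:\r\n\tReason: Unknown user name or bad password"},
    {"log": "System", "type": "Error", "source": "Service Control Manager",
     "id": 7000, "time": "Nov  9 13:40:12", "host": "NTSRV01",
     "message": "The Spooler service failed to start."},
]


def pri(event):
    """PRI = facility * 8 + severity; unknown values fall back to user.notice."""
    fac = FACILITIES[LOG_TO_FACILITY.get(event["log"], "user")]
    sev = SEVERITIES[TYPE_TO_SEVERITY.get(event["type"], "notice")]
    return fac * 8 + sev


def to_syslog(event):
    """Format one event as a single RFC 3164 line."""
    # Event text can contain CR/LF; left in, one event could appear as
    # several records on the collector, so collapse all whitespace.
    text = " ".join(event["message"].split())
    tag = event["source"].replace(" ", "_")[:32]  # TAG: no spaces, 32 chars max
    line = "<%d>%s %s %s[%d]: %s" % (
        pri(event), event["time"], event["host"], tag, event["id"], text)
    return line[:1024]  # RFC 3164 limits a packet to 1024 bytes


if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(to_syslog(ev))
```

With the PRI set per event, the central syslog daemon can route and filter NT events by facility and severity like any other source.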
    
    
    



    This archive was generated by hypermail 2b30 : Fri Nov 09 2001 - 15:59:02 PST