Hi Tina, Had yesterday off so today is Monday #2. Saw the reply form Nick@nfr but here is mine anyway.. SLR will do any syslog (514/UDP). Don't know if a mainframe is capable of sending syslog or netware either. NT has an agent to send the event logs. There is an agent for Unix also but I haven't got any installed yet. SLR cost around $5K they have a 2U Intel rackmount box for it if you want- most PC's will work. The NID and SLR won't work on Gateways above 600mhz. > -----Original Message----- > From: Tina Bird [SMTP:tbird@precision-guesswork.com] > Sent: Friday, November 09, 2001 1:16 PM > To: Gibson, Jerry,, DMDCWEST > Cc: 'Frank Solomon'; loganalysisat_private > Subject: RE: [logs] Syslog client alternatives for NT > > How does the SLR get the NT data? Does it do Netware > or mainframes? And what did it cost? > > I've been very impressed with what I've seen of it, but > it's a higher dollar acquisition than EventReporter... > > On Fri, 9 Nov 2001, Gibson, Jerry,, DMDCWEST wrote: > > > Date: Fri, 9 Nov 2001 17:33:31 -0500 > > From: "Gibson, Jerry,, DMDCWEST" <GibsonJBat_private> > > To: 'Frank Solomon' <sysfrankat_private>, loganalysisat_private > > Subject: RE: [logs] Syslog client alternatives for NT > > > > I am using NFR's SLR, have several routers, load balancers, NT event > logs > > and two firewall logging at level "warnings". The SLR has a discard > rule > > that makes getting rid of unwanted messages easy. I also have it set to > > alert on things like "UPDOWN" - pretty handy. If there is time it is > very > > fun playing with open source. Since there isn't, having support is the > > best. In my opinion :)... > > Cheers > > Jerry Gibson > > > > > -----Original Message----- > > > From: Frank Solomon [SMTP:sysfrankat_private] > > > Sent: Friday, November 09, 2001 1:39 PM > > > To: loganalysisat_private > > > Subject: [logs] Syslog client alternatives for NT > > > > > > Greetings: > > > > > > We're currently working on developing a central syslog strategy. > > > > > > Unix boxes seem to be very little problem. We've got every kind there > is. > > > . . > > > > > > We think we might be able to figure out how to trim out the garbage > from > > > our firewall boxes; although this hasn't been proven yet. > > > > > > We might even be able to integrate our Cisco IDS stuff, if we can ever > get > > > > > > that working. . .we're not sure. > > > > > > But we're curious how others have solved the centralization of logs > from > > > other kinds of systems. Specifically, Windows2000 or NT Servers, > Novell > > > Servers running in the NDS environment, and IBM Mainframes running > MVS. > > > > > > Right now we're experimenting with some free syslog client software > called > > > > > > Backlog for NT. But, it seems kind of poor in that it doesn't set the > > > > Facility or Priority of the log messages dynamically based on the > content > > > of the NT Event log message. What's better? Free or otherwise. > > > > > > We're at a bit of a loss on Netware; it looks like the "syslog" it has > > > > doesn't log remotely? Or does it? Also, apparently a lot of the data > > > gets > > > squirrelled away in the NDS (directory). Is there something that can > > > forward this stuff in real time to a syslog daemon somewhere? What > are > > > others doing? > > > > > > The mainframe guys laughed at me when I suggested we might want them > to > > > forward logs to a central server. MVS when it impersonates Unix does > have > > > > > > a syslog facility. But, it doesn't look like much useful stuff comes > out > > > of it. Is there something that makes the console log available via > > > syslog? What about ACF2 logs? Any hope here? Once again, what are > > > others > > > doing? > > > > > > Certainly, we could buy some big expensive package from Pentasafe or > IBM; > > > but, we'd like to avoid that if we could, and work things into a > syslog > > > environment. > > > > > > Thanks in advance, > > > > > > Frank > > > > > > ***************************************** > > > Frank Solomon > > > University of Kentucky > > > http://www.franksolomon.net > > > > > > A good mechanic only needs two tools: Duct tape and WD40. > > > WD40 to make things go; and duct tape to make them stop. > > > --unknown > > > ***************************************** > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: loganalysis-unsubscribeat_private > > > For additional commands, e-mail: loganalysis-helpat_private > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: loganalysis-unsubscribeat_private > > For additional commands, e-mail: loganalysis-helpat_private > > > > "I was being patient, but it took too long." - > Anya, "Buffy the Vampire Slayer" > > Log Analysis: http://www.counterpane.com/log-analysis.html > VPN: http://kubarb.phsx.ukans.edu/~tbird/vpn.html --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Nov 13 2001 - 10:32:15 PST