We are using Kiwi as well. It is running on Win2k, taking syslog messages from network gear, VPN appliances & Unix servers. The feature I like the most is that Kiwi will store the messages it receives in a SQL Server db (or an ODBC db I think).

_________________________________________________
Arron King
Network & Systems Administrator
Ohio Dominican College
voice - 614.251.4515
fax - 614.252.2650
kingaat_private
http:\\www.odc.edu\~kinga

-----Original Message-----
From: Jason Lewis [mailto:jlewisat_private]
Sent: Sunday, December 16, 2001 5:39 PM
To: 'Mike Blomgren'; loganalysisat_private
Subject: RE: [logs] syslog & Win2k?

Kiwi makes a windows syslog server. http://www.kiwi-enterprises.com/

My experience with it on 2000 was good. I don't think there is an issue with the number of servers you have.

Jason Lewis
http://www.packetnexus.com
It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary.

-----Original Message-----
From: Mike Blomgren [mailto:mike.blomgrenat_private]
Sent: Friday, December 14, 2001 8:57 AM
To: loganalysisat_private
Subject: [logs] syslog & Win2k?

I'm interested in hearing some 'real world' experience with running a syslog daemon on Win2k, and would like to hear your opinions.

We're a 'mixed' OS shop, with *nix and MS platforms. We need to have the syslog from several (8-10) production webservers log to a dedicated syslogd host. For political reasons, the receiving syslogd host is a Win2k (something I'd like to change...). However, Win2k doesn't handle syslog by default. So, my question is really: which syslog daemon for Win 2k would you suggest, and why?

Another concern is security. The syslog will contain sensitive information, and we need to be certain that the syslog contains correct information, and is not tampered with. Also, to perform the logging, the syslog has to pass a firewall situated between the webservers and the syslogd host. Security implications? Should we trust syslogd, or would you recommend nsyslogd, or the such?...

I realise this is a lot to ask for, but I'd really appreciate some real-world experience. I know there are a lot of logical and practical issues in the above scenario, such as issues of stability, authenticity, availability, analysis of the syslog info, etc, etc...

TIA

Regards,
~Mike

Mike Blomgren
CCNOX Security Management & Technology AB
Box 5227
102 45 STOCKHOLM
www.ccnox.com

_____________________________________________________________
The information included in this e-mail is intended only for the person or entity to which it is addressed. Any use of this information by persons or entities other than the intended recipient is prohibited. If you receive this transmission in error, please delete this email and destroy any copies of it. Any opinions expressed in this email are those of the individual and not necessarily those of the company CCNOX.

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

This archive was generated by hypermail 2b30 : Mon Dec 17 2001 - 09:57:20 PST