
Recommended product for syslogging and snmp monitoring

Adrian Jones
Level 1

Hi,

We currently use KIWI syslog, but can anyone recommend a better product for syslogs from Firewalls, Routers and Switches? Our current product creates a separate text file per day per device. Ideally I would like all these to be combined (or combinable for display purposes) into one log that updates in real time and has the ability to filter out "background noise" - stuff we know is acceptable, as well as being able to run simple or quick searches and reports. Ideally for about 200+ devices.

Am I too hopeful or is there a product out there that can do this (that also will not break my company's bank account)?

Also, recommended products for SNMP monitoring, if better than what we currently use, would be useful - currently using Orion and SNMPc.

Regards

Adrian

2 Replies

steve.lee
Level 1

Adrian,

We use syslog-ng for RHEL. It can do what you need as far as writing to files and filtering out background noise, but it is not a search/reporting tool. If KIWI does the latter, I imagine you could tell it to read from the file that syslog-ng creates.

It is open source for writing files through version 3.1.4. Later versions require licensing to write to files or if you are using a Windows OS.

http://www.balabit.com/downloads/files/syslog-ng/open-source-edition/3.1.4

Here are some other options:

Rsyslog: http://www.rsyslog.com/

Splunk: http://www.splunk.com/

Snare: http://www.intersectalliance.com/projects/index.html

Hope this helps.

Steve Lee

Emory University

steverobin
Level 1

We use CloudView NMS http://www.cloudviewnms.com. It supports collecting sysLog messages, SNMP traps (all versions of SNMP) and many other standards (TL1, SMTP, ...). They discovered our network, so now we also use them as an inventory tool, put in maps (they use Google maps). They claim it is scalable to thousands of nodes (we have 650 so far) and unlike others they do not charge as your network grows - from my point of view a very important feature :-). Local and remote access for multiple users. The system can load private SNMP MIBs of 3rd parties. A free trial version is available on the above site. The commercial version costs $295 for any network size and any number of remote users.
