[TriLUG] syslog analysis

Scott Lundgren s_l at mindspring.com
Fri Jun 25 09:56:45 EDT 2004


Hey TriLUGgers,

I'm implementing some centralized logging and I'm looking for experiences (pro or con) and suggestions with syslog analysis tools. It's a mixed environment of Solaris 9, SUSE, NT, W2K, and W2K3, about 8 machines total. The Windows machines will use the Adiscon EventReporter to write syslog to the Solaris box, which is the central logging box.

Ideally this is what I'd like:
- can be run/compiled on Solaris
- has web-based interface
- produces web reports (real time or scheduling generates static HTML reports for morning viewing, I'm not picky)
- I'm more concerned about the health of the boxes and tracking downtime/service issues than IDS issues
- open source preferred, but if a superior vendor product exists let me know a URL.

So far I've turned up (with comments):
 - Kiwi Log Viewer, http://www.kiwisyslog.com/products.htm#logfile_viewer, runs on Windows & I'd rather not scp logs off to run the analyzer
 - Adiscon MoniLog, http://www.monilog.com/, same issues
 - Sawmill, http://www.sawmill.net/, runs on Solaris, web-based interface, but never heard of it

Thanks,
SL
