Syslog is a wonderful and common tool for oversight and maintenance of network environments and devices.
There's no shortage of Syslog-enabled hardware, applications, protocols, servers, and more that will readily give up all the Syslog info you could want – but Syslog info sent off into the void is no good, which is where a program like Kiwi Syslog Server comes in.
Kiwi offers both a Free and a Premium version – the free version allows monitoring of up to five SNMP devices, collects and archives both SNMP traps and Syslog messages, and can view and set triggers and alerts and react to message statistics.
The premium version, on the other hand, has all that functionality but can also archive logs and sort them by device, role, and message content. It can trigger alerts that send an email, play a sound, run a program, or perform other complex responses, provides a Web-based view for portable monitoring and adjustments, and offers a range of forwarding options for pushing Syslog and SNMP data to other gathering programs or devices!
Configuration of Kiwi is nice and easy – there's a simple drop-down section of the server setup for inputting the IP addresses for receiving messages via numerous protocols, all of which are broken down in a convenient menu-based format.
There's nothing more to it than that!
The basic setup also includes a range of options for importing/exporting settings, sending test messages in order to provide troubleshooting and make sure that critical alerts trigger properly, scripting, and so forth.
The program also offers a nice range of visual customization, making it very simple to change the look of various messages and alerts, thus providing an even better on-the-fly glimpse of what's going on without having to search, sift, and dig through the messages rushing by on screen.
Highlighting can be based on fields, strings, exclusions, and several other criteria!
It's also worth emphasizing the capability of Kiwi to perform automated storage, compression, archiving and searching of logs, which remarkably aids in managing devices over a longer period of time.
It can be tempting to purge old logs, or it may simply be a requirement when storage comes at a premium or is taken up by more mission-critical data. But missing out on long-term data that can be studied and analyzed to aid ongoing troubleshooting can be a real disadvantage, which makes a program that automatically compresses logs and handles all the fuss of managing them for you all the better!
- Offers a freeware version for smaller networks
- Captures both syslog and SNMP traps, ensuring nothing is missed
- Interface is easy to use, and allows for quick filtering based on application, location, or custom grouping
- Color-coded warning level helps critical events pop out, and aids in prioritization
- Affordable for any size network
- Built for sysadmins, not the best option for home networks or non-technical users
The web-based view that the paid version of Kiwi provides is especially handy, as it makes it remarkably easy to perform configuration changes, add or remove devices, and most importantly, monitor them all even while on the go!
A technician out and about needs some amount of oversight even when out of the office, and that's precisely the sort of functionality provided by a robust web-based server interface.
All the functionality of the main server is fully available via the web interface, including the full range of filtering, setting adjustments, highlighting, and so forth.
Kiwi has several pretty strong things to boast about – its price point is remarkably low for its functionality, and the software is both extremely easy to use and very easy to set up compared to many other SNMP and Syslog server programs.
On the downside, it lacks some of the more robust and impressive alerting functionality that other programs offer, and the ability to search and sort messages can often leave something to be desired, especially when dealing with multiple devices and large amounts of message traffic!
The free version of Kiwi works fully featured for 14 days, and the full version is a remarkably reasonable $295 – a decent sum but altogether quite low when it comes to SNMP and Syslog Server options, especially those with a wider range of features and better throughput!
As far as compatibility goes, Kiwi functions on the full range of Windows environments, Server and otherwise, from XP to Windows 8, in 32-bit and 64-bit environments, as well as Windows Server 2012 and 2012 R2.
ManageEngine EventLog Analyzer is an example of a Syslog server that offers many other useful functions. For a start, the service is able to collect Syslog messages, not just passively receive messages sent by other software. It also collects Windows Events and status reports from a list of affiliated software packages. These messages are converted into a common format and made available for searches.
The final function of the EventLog Analyzer’s log management module is to file arriving log messages in a meaningful directory structure, rotating logs by date and making older log messages available for auditing and historical analysis.
- Log message collection
- Log consolidation
- Log file management
- Log viewing
- Log throughput statistics
The ManageEngine system provides statistics on log message throughput and can also segment metrics per source or source type. This is, in itself, a useful source of information, without even reading the contents of log messages. Variations in log message creation can indicate an event, and you can use those changes in throughput to trigger deeper analysis.
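The throughput idea above, as an added example (not ManageEngine's code and not part of the original article): it counts constructed RFC 3164-style syslog lines per source per minute and flags a source whose latest minute spikes past, or falls silent against, its own median. The function names, the `factor` threshold and the sample hosts are assumptions.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# RFC 3164-style line: <PRI>Mmm dd hh:mm:ss host tag: message
LINE_RE = re.compile(r"^<\d{1,3}>(\w{3}\s+\d{1,2} \d{2}:\d{2}):\d{2} (\S+) ")

def per_minute_counts(lines):
    """Return {source: Counter({minute: message_count})}."""
    counts = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if m:  # unparseable lines are skipped, not guessed at
            counts[m.group(2)][m.group(1)] += 1
    return counts

def throughput_alerts(lines, minutes, factor=3.0):
    """Compare each source's last minute with the median of earlier minutes.

    minutes: ordered minute buckets of the window; factor is an assumed
    threshold, tune it to the environment.
    """
    alerts = {}
    for source, per_min in per_minute_counts(lines).items():
        baseline = median(per_min[mn] for mn in minutes[:-1])
        current = per_min[minutes[-1]]
        if current > factor * max(baseline, 1):
            alerts[source] = ("spike", baseline, current)
        elif baseline > 0 and current == 0:
            alerts[source] = ("silent", baseline, current)
    return alerts

def sample_traffic():
    """Constructed sample window (hypothetical hosts), not real logs."""
    minutes = [f"Oct  3 10:0{i}" for i in range(5)]
    lines = []
    for i, mn in enumerate(minutes):
        fw = 40 if i == 4 else 4   # fw01 bursts in the last minute
        sw = 0 if i == 4 else 6    # sw02 stops sending in the last minute
        lines += [f"<134>{mn}:{s:02d} fw01 kernel: DROP IN=eth0" for s in range(fw)]
        lines += [f"<190>{mn}:{s:02d} sw02 link: port status ok" for s in range(sw)]
        lines += [f"<38>{mn}:{s:02d} app03 sshd: session opened" for s in range(5)]
    return lines, minutes

if __name__ == "__main__":
    lines, minutes = sample_traffic()
    for source, (kind, base, now) in throughput_alerts(lines, minutes).items():
        print(f"{source}: {kind} (baseline {base}/min, now {now}/min)")
```

A source that goes quiet is flagged as well as one that bursts, since a device that stops logging is as much a change in throughput as one that floods.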
In addition to managing logs, the EventLog Analyzer performs security searches to identify threats. This is a SIEM service.
- Collects Syslog messages, Event logs, and application logs
- Consolidates logs and files them
- Compliance reporting
- File integrity monitoring
- Security monitoring
- Much more than just a Syslog server
ManageEngine EventLog Analyzer runs on Windows Server or Linux. There are three editions of the tool and the first of these is Free, which includes log collection. However, the free version is limited to collecting logs from five sources. You can get a 30-day free trial of the full paid version of EventLog Analyzer.