
Kiwi Syslog and Multiple Devices

Rogue

Banned
Alright, here's the deal. I have let's say three network devices I want to syslog to a Windows server running Kiwi Syslog daemon.

What I want to do is log all the firewall messages to one file, all the VPN messages to another, and all the router messages to yet another text file. I've read the FAQ on their website for this and it doesn't make sense and isn't very clear. Has anyone else done this using Kiwi, or can you recommend another syslog daemon for a Windows server that will do this much better than Kiwi?
 
If you have the registered version, open Kiwi, go to File Setup. Then follow the directions given. Ensure you highlight the ACTIONS item to create a new item to point to a log file location.

Then do the same with filters and enter the hostname or IP address for each group.

Repeat until you have an action and corresponding filter for each group you want to monitor separately.

A group can be as few as 1 device.
 
The confusion comes in with regards to the term "group" in documentation. I can find no reference in the setup to any group settings. I am currently on a 30-day trial version of the Licensed product, so if this does what I want, I will likely purchase. I will post a screenshot of what I think you're talking about when I get home. Unless of course you can post a screenshot of what you're talking about first. 😉
 
Originally posted by: Rogue
Is this what you're talking about doing in the Setup window?

http://www.roguestorm.com/images/photos/kiwi.JPG

Yes, that appears to be correct. The groups term is a bit misleading. Took me a bit to figure it out. But it looks like you've got it now.

I really like it. It's cheap, gives basic data and I've used it to fix router and switch errors I was having.

Better than paying Cisco $10K for network monitoring when this is all I really need.
 
I am going to start dumping the log files into the Honeynet Security Console found here once I get enough log files built up. The tool is free and seems to be fairly effective. You might want to look at it.

Thanks for the confirmation that I've headed down the right road.
 