Syslog and the need for retaining event information
From time to time a network error occurs. Fortunately, it is only ‘from time to time’, but when it does, all hell breaks loose. Tracking down the source of the problem is a huge, time-consuming quagmire of event logs, alerts, system traces and manual graft. This is where a syslog should prove useful. Wikipedia has good background on it, and this site, syslog.org, has a good range of tools.
On our firewall we moved to SonicWALL ViewPoint, a custom syslogger with a graphical front end which helps immensely but is focused purely on the firewall itself. What I need is something similar for the whole network, to be able to collect, analyse, act upon, and either keep or discard information relating to the health of the network. Devices include printers, print devices, routers, firewall, servers (with event logs), IP phones, terminals, switches and hubs, as well as a bunch of other equipment that I just can’t think of at the moment.
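As an added illustration of what "collect, analyse, act upon, and keep or discard" looks like in practice (this is example code, not part of the original post and not taken from any of the products mentioned), here is a small parser for the BSD syslog line format (RFC 3164): it decodes the PRI value into facility and severity, pulls out host and program tag, drops anything below a chosen severity, and flags hosts that are generating repeated problems. The sample lines are constructed for the example; the host names and messages are invented.

```python
"""Parse RFC 3164 syslog lines, decode PRI, and filter by severity.

Added example (not from the original post). Sample lines below are constructed.
"""
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional, Tuple

# RFC 3164 facility and severity names, indexed by their numeric codes.
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "security", "console", "solaris-cron",
    "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7",
]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# <PRI>TIMESTAMP HOSTNAME MSG, where TIMESTAMP is "Mmm dd hh:mm:ss".
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) "
    r"(?P<msg>.*)$"
)
# MSG usually starts with "TAG[pid]: content"; the pid part is optional.
TAG_RE = re.compile(r"^(?P<tag>[A-Za-z0-9_\-./]+)(\[\d+\])?:\s*(?P<content>.*)$")


@dataclass
class Event:
    facility: str
    severity: str
    timestamp: str
    host: str
    tag: str
    content: str


def parse_line(line: str) -> Optional[Event]:
    """Return an Event for a well-formed line, or None if it cannot be trusted."""
    m = LINE_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # PRI = facility * 8 + severity, so 23 * 8 + 7 is the maximum
        return None
    facility, severity = divmod(pri, 8)
    tm = TAG_RE.match(m.group("msg"))
    tag, content = (tm.group("tag"), tm.group("content")) if tm else ("", m.group("msg"))
    return Event(FACILITIES[facility], SEVERITIES[severity],
                 m.group("ts"), m.group("host"), tag, content)


def triage(lines: List[str], keep_at_or_above: str = "warning") -> Tuple[List[Event], int, int]:
    """Keep events at the given severity or worse; return (kept, discarded, rejected)."""
    threshold = SEVERITIES.index(keep_at_or_above)
    kept: List[Event] = []
    discarded = rejected = 0
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            rejected += 1          # malformed or out-of-range PRI: never silently accept
        elif SEVERITIES.index(ev.severity) <= threshold:
            kept.append(ev)        # lower index means more severe
        else:
            discarded += 1
    return kept, discarded, rejected


def noisy_hosts(events: List[Event], at_least: int = 2) -> List[str]:
    """Hosts that appear at least `at_least` times among the kept events."""
    counts = Counter(ev.host for ev in events)
    return sorted(h for h, n in counts.items() if n >= at_least)


# Constructed sample input: firewall, printer, switch, IP phone, and two bad lines.
SAMPLE = [
    "<34>Oct 11 22:14:15 fw01 sshd[1234]: Failed password for root from 10.0.0.5 port 2222 ssh2",
    "<36>Oct 11 22:14:17 fw01 sshd[1234]: Failed password for root from 10.0.0.5 port 2223 ssh2",
    "<13>Oct 11 22:14:16 printer-3 lpd: job 17 queued",
    "<27>Oct 11 22:14:20 sw01 stp: port 3 blocked",
    "<190>Oct 11 22:15:01 phone-07 sip: registration refreshed",
    "<200>Oct 11 22:15:02 bad PRI out of range",
    "not a syslog line at all",
]

if __name__ == "__main__":
    kept, discarded, rejected = triage(SAMPLE)
    for ev in kept:
        print(f"{ev.host:10} {ev.facility}.{ev.severity:8} {ev.tag}: {ev.content}")
    print(f"kept={len(kept)} discarded={discarded} rejected={rejected}")
    print("hosts needing attention:", noisy_hosts(kept))
```

The PRI decoding (`divmod(pri, 8)`) is the part most ad hoc scripts get wrong; note that the example also refuses lines with an out-of-range PRI rather than guessing, since a collector that accepts anything is easy to flood with junk.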
Some sysloggers I’ve come across include
Kiwi, link here
NTSyslog, link here
Syslog from Monitorware, link here
I’ve also read, in an issue of PC Pro (July 2006), about a product called Snare which takes Windows Event Logs and feeds them into syslog, link here. Other useful sites include Sawmill, who provide a reporting front-end utility for syslog data.