[c-nsp] Any good filters for syslog output
Eric Van Tol
eric at atlantech.net
Thu Dec 18 06:52:58 EST 2008
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Tuc at T-B-O-H
> Sent: Wednesday, December 17, 2008 3:54 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Any good filters for syslog output
>
> Hi,
>
> We are going to be monitoring the syslog output (We already have
> a product (Zenoss)). Does anyone know of a repository of the "Watch
> for these regular expressions" to decide what is worth looking into, and
> whats worth ignoring.
>
> Thanks, Tuc
If you're looking for a supported, proprietary product, check out Solarwinds Orion - much more than just a syslog repository, though. You are able to store syslogs in a SQL database, create rules for syslogs based upon source IP, source hostname, message type (%LINK-4-ERROR, etc.), and message contents. You can also do fancy things like forward the syslog to another syslog server, send an email/page, modify the message, and do time-of-day rules. On the downside, if all you need is a syslog server, you have to pay for the entire Orion suite, which is pretty expensive.
-evt
More information about the cisco-nsp
mailing list