[c-nsp] Any good filters for syslog output
Martin Moens
Moens at carrier2carrier.com
Thu Dec 18 12:02:28 EST 2008
Eric Van Tol <> wrote:
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
>> bounces at puck.nether.net] On Behalf Of Tuc at T-B-O-H
>> Sent: Wednesday, December 17, 2008 3:54 PM
>> To: cisco-nsp at puck.nether.net
>> Subject: [c-nsp] Any good filters for syslog output
>>
>> Hi,
>>
>> We are going to be monitoring the syslog output (We already have
>> a product (Zenoss)). Does anyone know of a repository of the "Watch
>> for these regular expressions" to decide what is worth looking into,
>> and whats worth ignoring.
>>
>> Thanks, Tuc
>
> If you're looking for a supported, proprietary product, check out
> Solarwinds Orion - much more than just a syslog repository, though.
> You are able to store syslogs in a SQL database, create rules for
> syslogs based upon source IP, source hostname, message type
> (%LINK-4-ERROR, etc.), and message contents. You can also do fancy
> things like forward the syslog to another syslog server, send an
> email/page, modify the message, and do time-of-day rules. On the
> downside, if all you need is a syslog server, you have to pay for the
> entire Orion suite, which is pretty expensive.
>
> -evt
For those using a windows server for syslog, sl4nt
(http://www.netal.com/sl4nt.htm) is a very flexible (and not expensive)
option. It as well has al above mentioned options.
Martin
More information about the cisco-nsp
mailing list