Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Syslog Server Advice

We are looking at a Syslog server to analyse and monitor our switches and asa's. Does anyone have any recommendatons to which priduct to use.

We need to be able to extract data and setup alerts. We are mainly wanting it for reporting for users that have logged onto a cisco device and any changes they have made. Also reporting for VPN tunnels etc.

  • Network Management
Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Silver

Re: Syslog Server Advice

A good basic syslog server is the Kiwi syslog server product, now sold by SolarWinds. If you want to move upmarket in the space, SolarWinds Orion NPM includes a more feature-rich syslog server function.

The Cisco Prime Infrastructure and Prime LMS products also include syslog servers but that's not their primary focus and thus you may find the syslog server feature set not quite as well-developed.

If you're looking to track user logins and actions, you are in many cases better off implementing Cisco ACS and using the built-in accounting and reporting features it has vs.syslog.

Be careful with syslog and firewalls - unless you customize the level of events to elevate the ones you are specifically interested in, you end up with Level 5  (or higher) severity events overwhelming a syslog server. A better tool for managing ASA events is Cisco Security Manager (CSM).

Cisco Employee

Syslog Server Advice

These features are available in Cisco Prime LMS, but it has its last release as Cisco Prime LMS 4.2, which will not be enhanced further. Its successor Cisco Prime Infrastructure doesn't have much advanced syslog management.

From third parties, you can check Free Kiwi syslog from Solarwinds, but Splunk is a full fledged Syslog Management Server. Following are some of the best known Syslog managing softwares :

EventLog Syslog Server (from Manage Engine)

Best Syslog Server (From WhatsUpGold)

There was an opensource LogZilla project, which is now deprecated and php-syslog-ng is now known as LogZilla and can be found at http://www.logzilla.pro.


You have to evaluate these softwares as per your organisation requirement and licensing structure.

Hope this will be helpful, and other community members can also shed more light of their experience.

-Thanks
Vinod
**Rating Encourages contributors, and its really free. **

-Thanks Vinod **Rating Encourages contributors, and its really free. **
4 REPLIES
Cisco Employee

Syslog Server Advice

Hi,

check the below thread, you will find your answer here

https://supportforums.cisco.com/thread/176481

Thanks-
Afroz
[Do rate the useful post]
****Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
New Member

Syslog Server Advice

Thank you, but the software we are after doesnt have to be free. If it does advanced. We have been testing GFI

Hall of Fame Super Silver

Re: Syslog Server Advice

A good basic syslog server is the Kiwi syslog server product, now sold by SolarWinds. If you want to move upmarket in the space, SolarWinds Orion NPM includes a more feature-rich syslog server function.

The Cisco Prime Infrastructure and Prime LMS products also include syslog servers but that's not their primary focus and thus you may find the syslog server feature set not quite as well-developed.

If you're looking to track user logins and actions, you are in many cases better off implementing Cisco ACS and using the built-in accounting and reporting features it has vs.syslog.

Be careful with syslog and firewalls - unless you customize the level of events to elevate the ones you are specifically interested in, you end up with Level 5  (or higher) severity events overwhelming a syslog server. A better tool for managing ASA events is Cisco Security Manager (CSM).

Cisco Employee

Syslog Server Advice

These features are available in Cisco Prime LMS, but it has its last release as Cisco Prime LMS 4.2, which will not be enhanced further. Its successor Cisco Prime Infrastructure doesn't have much advanced syslog management.

From third parties, you can check Free Kiwi syslog from Solarwinds, but Splunk is a full fledged Syslog Management Server. Following are some of the best known Syslog managing softwares :

EventLog Syslog Server (from Manage Engine)

Best Syslog Server (From WhatsUpGold)

There was an opensource LogZilla project, which is now deprecated and php-syslog-ng is now known as LogZilla and can be found at http://www.logzilla.pro.


You have to evaluate these softwares as per your organisation requirement and licensing structure.

Hope this will be helpful, and other community members can also shed more light of their experience.

-Thanks
Vinod
**Rating Encourages contributors, and its really free. **

-Thanks Vinod **Rating Encourages contributors, and its really free. **
1164
Views
0
Helpful
4
Replies
This widget could not be displayed.