Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Syslog Server -

I'm looking for input on what software others may be using to process syslog messages. I'm using RME to report on messages and perform automated email actions on several different messages. The problem I have though is the fact that an email is generated for every message received on the critical messages I've selected that need notification and this can sometimes become overwhelming.

Oh yea, We don't have DFM setup which, I think, would solve this problem but there are over 12,000 Cisco devices on this network and I don't think DFM can even come close to managing messages for that many devices.

I've seen a few other software products (kiwi tools is the only one I can think of off the top of my head) that have syslog capability so I'm trying to get a feel for what's out there and what works and works well.

Thanks for any input.

  • Network Management
7 REPLIES
Cisco Employee

Re: Syslog Server -

In addition to CiscoWorks and Kiwi there are a couple of other products that I know of that can process syslog messages. These are Monitorware and Logalot

New Member

Re: Syslog Server -

We have been using "EventLog Analyzer" for syslog/event log analysis.

New Member

Re: Syslog Server -

You said you have 12,000 devices how have you managed to Scale Ciscoworks to that level. I have 8000 am considering my options.

New Member

Re: Syslog Server -

We're using RME 3.5 ONLY between 3-Solaris 280R boxes w/ 2 CPUs each and 4GB RAM each. There are approx 4,000 devices on each of these servers and it works fairly well for backing up the configs, Netconfig jobs, syslog reporting, hardware/software inventory and probably a few other critical features I can't think of off the top of my head.

We also have 6 campus servers w/ discovery filters setup to discover certain portions of the network. What do we get out of Campus that's usable? Not much....

We have it because the customer wants it!

I started using the automated email actions for critical syslog messages but the problem is an email is generated everytime a message is received which can sometimes be overwhelming. That's why I was trying to get a feel for other options for notification on critical syslog messages. From what I've heard, DFM wouldn't be able to come close to handling the load for that many devices.

Silver

Re: Syslog Server -

With that number of devices you require something that can make the correlation between a lot of events and can then present you the root causes.

I know only a few products that do that reasonably being Spectrum (former cabletron), SMARTS, and Netcool.

I'm not commercial but if think these are all above the budget for which you get Ciscoworks.

Cheers,

Michel

New Member

Re: Syslog Server -

Try www.eventloganalyzer.com for syslogs. And www.fwanalyzer.com for firewall log analysis.

New Member

Re: Syslog Server -

Check out syslog-ng and the browser:

http://www.linkdown.org/static_syslogngbrowser_en.html

130
Views
10
Helpful
7
Replies
This widget could not be displayed.