Hey TriLUGgers, I'm implementing some centralized logging and I'm looking for experiences (pro or con) and suggestions with syslog analysis tools. It's a mixed environment of Solaris 9, SUSE, NT, W2K, and W2K3, about 8 machines total. The Windows machines will use the Adiscon EventReporter to write syslog to the Solaris box, which is the central logging box.

Ideally this is what I'd like:
- can be run/compiled on Solaris
- has web based interface
- produces web reports (real time or scheduling generates static HTML reports for morning viewing, I'm not picky)
- I'm more concerned about the health of the boxes and tracking downtime/service issues than IDS issues
- open source preferred, but if a superior vendor product exists let me know a URL.

So far I've turned up with comments:
- Kiwi Log Viewer, http://www.kiwisyslog.com/products.htm#logfile_viewer, runs on Windows & I'd rather not scp logs off to run the analyzer
- Adiscon MoniLog, http://www.monilog.com/, same issues
- Sawmill, http://www.sawmill.net/, runs on Solaris, web based interface, but never heard of it

Thanks,
SL
