Let's start with this -- What kind of equipment are you expecting to get
syslog data from (routers, switches, unix boxes)? Most routers and switches
can be easily configured to send syslog data to a syslog server. For
example, a Cisco switch has to be configured with the command "set logging
server <ip address>" to send syslog type data to a syslog server. Syslog
data is simple string data so it's fairly easy to parse a syslog file with
some utility that squeezes & massages the log file into a useable format.
The whole point here is that whatever equipment you expect to receive
syslog data from, that equipment has to be running a syslog client (whether
it runs from firmware, an IOS, etc) that's configured to send the data to a
specific syslog server.
kj
At 10:00 AM 8/16/2001 -0400, you wrote:
>I have no $%#@ing clue right now. The boss says that we want to have the
>syslog file data pumped into Loghost (???) and then something called Swatch
>will divvy up the data and place it into certain "buckets" somewhere from
>which we will then be able to generate a report on just the data that we
>want. I'm not familiar with the contents of syslog. I suppose it's
>different from event log data?? I have no knowledge whatsoever about your
>direct question. I figured that all I was supposed to do was save the
>syslog data files to a folder on some other machine, from which Loghost and
>Swatch (and somebody else) would do the rest. Maybe you can enlighten me
>some more about syslog files and the syslog daemon on a remote machine and
>the such.
>
>My boss is a CNE and manager of the infrastructure dept for a 10K person
>company, so I assume he knows what he's talking about. Sometime soon, I
>hope to as well.
>
>Thanks for the response, KJ.!! I can at least pose your question to my
>boss and then get a full explanation as to how to capture this syslog data.
>
>
>
>Chris Powers
>Network Systems Engineer
>MCSE, CNA, Network+, A+
>Keane IT Technical Services
>x1730
>
>
>
>
> [EMAIL PROTECTED]
>
> Sent
> by: To: [EMAIL PROTECTED]
>
> [EMAIL PROTECTED] cc:
>
> switch.com Subject: RE:
> [WhatsUp Forum] help with syslog files - take two!
>
>
>
>
> 08/16/2001 09:41
> AM
>
> Please respond
> to
>
> WhatsUp_Forum
>
>
>
>
>
>
>
>
>
>Hate to ask a stupid question but -- what are you running on the remote
>boxes to send syslog data back to the syslog server (your WUG machine). You
>
>have to run a syslog daemon on the remote boxes that sends data back to the
>
>server (WUG) on udp port 514.
.
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
