Re: How Do I add a Mac Address Field or Column?
Jiri is correct that the software cannot track this and that it becomes irrelevent after the 1st hop, but that's not to say it cannot be done at all, if all of your machines that you want to track are...
View ArticleRe: Syslog configure to pull Exchange server message tracaking log
Mangesh, Did you ever figure out how to do this? Don't the Exchange server messages log to windows event viewer? If they do, then you can utilize the Event Log Forwarder to send them to Kiwi.
View ArticleRe: How to detect clients that stop sending Syslog messages to the server
Acy, Thank you for pointing me in the right direction. I am new to Kiwi Syslog server and scripting with it. Any other examples you can post from your custom script would be much appreciated. You said...
View ArticleKiwi - Palo Alto User ID agent
I have written a perl script to take data from Kiwi, parse out some information and pass it into our Palo Alto UserID agent. It runs fine when I pass the message in on the command line but when I have...
View ArticleRe: Changing syslog message received
Can you give me an example or screenshot of how to "using variables pull specific portions of the variables" ? I'm trying to do this same thing, I've got a log message coming in and am trying to strip...
View ArticleRe: Kiwi - Palo Alto User ID agent
It is complaining about my curly brace {.... ???? Thanks for any help... Kevin
View ArticleKiwi Syslog + PFsense (parsing firewall log from 2 lines to 1 help)
PROBLEM - pfSense syslogs for firewall event is split into two lines when it is sent to Kiwi syslog app. Is there a way to edit configuration or parsing script to parse the pfSense event as one similar...
View ArticleRe: Kiwi - Palo Alto User ID agent
I haven't quite figured out the particulars of the error handling in kiwi yet, but just because it says "line 1" doesn't mean the error is on line 1, in this case, I think it might be... try removing...
View ArticleRe: Kiwi Syslog + PFsense (parsing firewall log from 2 lines to 1 help)
You can definitely script this if the problem is consistent enough to write logic for. But you'll have to be familliar with at least one of the supported scripting languages and you will not be able to...
View ArticleRe: Kiwi Syslog + PFsense (parsing firewall log from 2 lines to 1 help)
Yes, I believe the ##-##-#### ##:##:## is show the same on each line, so I would want something like take ##-##-#### ##:##:## and ##-##-#### ##:##:## then merge into one line either the log file or a...
View ArticleRe: Kiwi - Palo Alto User ID agent
Which Windows OS you are using? x64 or x86. In both cases, you have to install ActivePerl 5.16.2 x86 installer (32 bit installer). Try this. I hope this will help. Jinesh
View ArticleRe: Kiwi - Palo Alto User ID agent
I am using Windows 2008 x64 with ActivePerl 5.16.2 build 1602 64-bit.
View ArticleRe: Kiwi Syslog + PFsense (parsing firewall log from 2 lines to 1 help)
Any update from the above? I'd appreciate any more input on this. Thanks
View ArticleKIWI syslog service manager vs. syslog webaccess
Hello group!Is there a difference between what we see in the KIWI Syslog Service Manager and what we see in the KIWI Syslog Web Access? We currently have one of our appliances sending SNMP traps to...
View ArticleClik here to view.
Re: Kiwi - Palo Alto User ID agent
The original error seemed to be (as noted by Jinesh below) that I had Active State 64 bit installed. Now I am getting another error regarding the use PAN::API; line when I import the module for...
View ArticleMail Error Type Mismatch
Hi I was wondering if any one has come across this error before, I am unable to find the cause Errorlog.txt2013-02-14 12:27:04 Mail error: Type mismatch2013-02-14 12:27:04 Requeuing 2 e-mail...
View ArticleHow can i make report of nodes synched with syslog server???
I want to make a report which shows the devices of a region synched with the syslog server. How can i do that kindly tell me if anyone knows????
View ArticleRe: Filtering out certain messages in Kiwi Syslog...
Acy Forsythe Hello, Thanks for the write-up. I tried the "port D[1-16]-High collision" in the "exclude" portion of the RegEx filter. Putting this in the "exclude" section would take any messages with...
View ArticleRe: How to detect clients that stop sending Syslog messages to the server
No Problem. I am not in a super rush. I did find some better documentation in the CHM file in the "Action - Run Script" section. I was just using the index or search feture before and it was not...
View Article