How to process a log file - attached - to convert ip address to hostname. Or...
I would like to input log files, like this pasted one, into a batch script and output the log with our private ips, 172.22.... translated to hostnames. Also, am asking if this can be done by Kiwi...
Re: How to process a log file - attached - to convert ip address to hostname....
Are the hostnames actual internal DNS names? If so you can go to 'DNS Resolution' on the tree menu and choose 'Resolve IP addresses within the message text'. If they are not DNS names but custom names...
Re: Event Log Forwarder - Where is the Audit Failure Type?
The fix that I have is to use the older version of the client, which works a lot better than the 1.2 which is so buggy.... I wouldn't even go near it. Specifically v1.1.9. The current version of...
Re: How to process a log file - attached - to convert ip address to hostname....
kstone, thanks. We knew this forum had promise. Joe Tursone
Re: Forward syslog events to QRadar
I am trying to get the same accomplished. Have you had any luck?
Re: Event Log Forwarder - Where is the Audit Failure Type?
I had the same problem with 1.2 but when I clear security event log and reset it, everything is working again.
Re: Log Forwarder windows opens upon login
You can right click on log forwarder system tray icon and uncheck Autostart with windows.
Kiwi not installing
Hi, I'm trying to install Kiwi but the only thing that happens is the counting the percentage from 0-100%. That's all. I had a version of Kiwi installed, then uninstalled. Now I need to install it again...
Re: SYSLOG error with windows server 2012
Hi, sorry to bump an old thread. Did you guys ever work around the Microsoft Bug? I am using Win 10 with Locale UK and Language UK English. (poss not supported but I'm ok with that) Tried switching to US...
Re: AOA, how to add device in syslog server?
You will want to configure your device to send messages to the kiwi syslog server. A syslog server is only a listener, and by default waits for syslogs to be sent on UDP port 514.
Solarwinds Event Log forwarder - cache events when offline?
Just curious... been experimenting with Kiwi and capturing event logs. I installed Solarwinds Event Log forwarder on a server and it seems pretty easy to use.. just curious if I put this on my...
Re: Solarwinds Event Log forwarder - cache events when offline?
This functionality is not available in the Log Forwarder.
Filter rules, IP range or subnet
This may seem obvious but I would just like confirmation that filters on IP address ranges or subnet masks are compared to the Source IP from the UDP/TCP packet header. The documentation does not...
Re: Discarding Traps in Kiwi
It appears that the problem was that I wasn't running Kiwi under the local administrator account. I did that and the rules have worked properly ever since.
Re: 'How much traffic can Kiwi Syslog Server handle?'
We have an ESXi-virtualized Kiwi server with 2 x 2.5 GHz vCPUs and 8 GB of memory allocated to it. On a busy day, this is capturing over 120 million messages (~30 GB) with CPU utilization just under...
forward Oracle & SQL log Syslog Server
Hi All, I'm new here and new to Kiwi Syslog and I really need your help. Currently, our information Security officer request us to add our Oracle servers and SQL servers logs to Kiwi Syslog server to...
Re: forward Oracle & SQL log Syslog Server
Kiwi Syslog server only processes standard syslogs and SNMP traps. To monitor your Oracle servers and SQL servers logs, you should look at a tool like our LEM. Please see this link: Log Management...
Re: Integrated AD for Kiwi Web but all users are created as Standard users
Not only should this be included as a feature in the next version, there is no information included in the documentation as to how to set up AD group rights (or the fact that it's pre-defined). Surely it's...