How to search all log files
Hi everyone, can someone confirm that both the Kiwi Syslog Service Manager console and the Kiwi Syslog Web Access will only display messages for current log files? Therefore, a find or filter will...
Re: How to search all log files
The Kiwi Syslog web access uses a SQL compact database that stores up to 4GB of data. As long as your data does not exceed this Microsoft limit, you can search older records.
Re: How to search all log files
To get you part of the way there I would set up a rule that filters on message text matching "user account is locked out" and write it to a specific log file. Then you can open the file or files and...
Re: How to search all log files
Thanks for everyone's replies. I wasn't aware of some of these capabilities so I want to make sure I understand. Currently, I "log to syslog web access" as the first rule, then proceeding rules will...
Syslog Not Receiving SMDR Entries
I have tried Kiwi Syslog and it isn’t working. Here's the situation: I have a virtualized Avaya PABX solution. The server is on a virtual machine. There is a virtual PC (Windows 7) for...
Re: Syslog Not Receiving SMDR Entries
Solved... Forgot to add the PABX's IP address as an input.
Forward archived logs from Kiwi
Hi - I'm looking into using Kiwi as a centralized syslog server. I will point all network / linux syslogs to Kiwi and then have Kiwi forward to a SIEM, but I have one question - can Kiwi forward or...
Re: Forward archived logs from Kiwi
Kiwi can only forward logs that are received after the rule has been created, but not any logs received before.
Re: SYSLOG error with windows server 2012
I contacted support and it's a known bug in 1.2. Dev are working on it. I was instructed to use version 1.1.19 which worked fine for me on 2008/2008R2/2012 R2 ;P)
Re: Forward syslog events to QRadar
Just saw this post. Did you get it working? I am doing the same thing with our Cisco syslogs, forwarding to QRadar via Kiwi. Working just fine for me. If there are issues, it's likely in the filter applied.
Re: Forward syslog events to QRadar
Hello BOBTeal, I am wanting to do this with my Cisco devices but can't seem to get my hands around this. Would you have a connectivity chart for the pieces of this process?
Re: Forward syslog events to QRadar
We have our Cisco device configs pointing syslog to Kiwi and then we forward in Kiwi to other systems that need the logs like QRadar and Snare. Don't really have a diagram of it though. Since we have...
Re: Forward syslog events to QRadar
Thanks Bob. I don’t really have much of a network history so every piece helps.
Re: How to search all log files
Just thought I'd report my findings. I tried the following: 1) eventcomMT.exe - This is a Microsoft utility for viewing event logs across domain controllers. It didn't work for my purposes because we...
Re: How to search all log files
Have you tried the Kiwi log viewer? There is a free version that can open up to a 700 MB file: Log Viewer for Windows - Log File Monitoring l Kiwi Log Viewer
Re: Kiwi Syslog not receiving any message
I hate to resurrect a 2 year old post, but thanks Metz for pointing this out. I had the same issue and this fixed it.
Re: Kiwi Syslog not receiving any message
Please see this link: Adding devices to the Kiwi Syslog free version