Syslog (System log) is standard for sending and registering notifications about events taking place in the system (i.e. creating logs), which is used in computer networks, working via an IP protocol. A term «Syslog» is used to name both a standard network protocol Syslog, and software (application, library), which sends/receives system notifications.
A mechanism of Syslog operation is simple: resources create simple text notifications about events that take place in them and transfer them to a Syslog server to be processed, using one of the network protocols IP (UDP or TCP). Notifications about events are formed and transferred according to certain rules, named a Syslog protocol.
Similarly, Syslog in NetPing devices is used to collect, store and view the information. Eventually, using Syslog makes viewing events on NetPing devices simpler, particularly when there are several devices in a local network.
List of the Most Popular Syslog Servers for Windows OS
Name | License | Official web site |
Syslog Watcher | Freeware | http://www.snmpsoft.com/syslogwatcher/syslog-server.html |
Syslog Server Free Tool | Freeware | http://community.whatsupgold.com/freetools/syslog |
Aonawire Syslog Daemon | Freeware | http://www.aonaware.com/syslog.htm |
Datagram SyslogServer Trial Edition | Freeware | http://www.syslogserver.com/download.html |
Kiwi Syslog Server Free Edition | Freeware | http://www.kiwisyslog.com/free-vs-paid-edition.aspx |
List of the Most Popular Syslog Servers for Linux/Unix OS
Name | License | Official web site |
Syslog-ng | Freeware | https://www.balabit.com/network-security/syslog-ng/opensource-logging-system |
Rsyslogd | Freeware | http://www.rsyslog.com/ |
Example of Syslog Watcher Working with NetPing Devices
To install and configure a Syslog server Syslog Watcher, there is a need to download a distribution program from the official website «SnmpSoft Company».
Installation of the Syslog server is standard in Windows OS:
1. Run the file «SyslogWatcherSetup-X.X.X-win32.msi» to start installation;
2. Agree to a license agreement and choose a type of server installation:
3. Choose a path to install this Syslog server:
4. Allow adding a rule for all incoming connections for Syslog Watcher in Windows Firewall:
5. Afterward, there is a need to wait for Syslog Watcher to be installed successfully, which will end with the information inscription «Installation Complete»:
After Syslog Watcher server is installed, there is a need to run it and choose an operation mode «Manage Local Syslog Server»:
The last step of a main configuration of Syslog Watcher is starting a service «Syslog Watcher Service» using the button «Start Server» in the upper menu of a program window:
To enable NetPing devices to send informational notifications about their work to a Syslog server, there is a need to specify IP address of a Syslog server at the page «Setup» of a device web interface. Save the settings by clicking the button «Save changes»:
Enable corresponding notifications from sensors and IO lines for sending to a Syslog server:
As a result of the configuration described above, information notifications from NetPing devices will be sent to Syslog Watcher:
If NetPing devices use Russian-language firmware, there is a need to change coding to 1251 (ANSI - Cyrillic) in Syslog Watcher to see Russian-language notifications of a system log correctly.
Coding is changed in the settings of the program: Settings > Server:Processing > Force codepage.
Example of Work of Syslog Server Free Tool with NetPing Devices
To install and configure a Syslog server Syslog Server Free Tool, there is a need to download a distribution program from the official web site «WUGspace».
Installation of this Syslog server in Windows OS is standard:
1. Run the file «Ipswitch Syslog Server vX.X.X.X.exe» to start installation;
2. Agree with a license agreement and select a path for a server installation:
3. Click «Install» and wait for Syslog Server Free Tool to be installed successfully:
After a Syslog Server Free Tool is installed, there is a need to run it and click «Start» in the window of a program:
The installation process of NetPing devices for sending notifications to a Syslog server from sensors and IO lines is described above, in the section «Example of Work of Syslog Server Free Tool with NetPing Devices».
After Syslog Server Free Tool and NetPing devices are successfully configured, they will send the following informational notifications:
It is recommended to use an English-language firmware version for NetPing devices to work with Syslog Server Free Tool.
Example of Rsyslog Work with NetPing Devices
Installation and configuration of Rsyslog server at the OS CentOS 6 will be considered in this example.
Installation is performed according to the following steps:
1. Check the installed package and a Rsyslog version on a server. This checkup can be performed by two commands:
2. If a version of a package is outdated, it is recommended to update Rsyslog on a server to the latest stable version (when this article was being written, the latest Rsyslog version is 8.9.0). RPM repository is used to update Rsyslog. There is a need to download a file «rsyslogall.repo» via the link http://rpms.adiscon.com to use it.
3. Afterward, there is a need to put the file into a correct directory:
4. Then, install Rsyslog using a command:
If all previous steps were completed successfully, an installation utility will connect to RPM repository and check availability of packages of a new Rsyslog version.
If there are updates available for your system, then the system will prompt to download them and update corresponding packages. The installation of new packages is completed with the inscription «Complete!»:
After a successful installation, there is a need to configure Rsyslog. To do that, there is a need to edit a configuration file /etc/rsyslog.conf.
1. Before editing, the first step is to create a backup copy of the original file:
2. Open a configuration file for editing:
In the area of settings «MODULES» there is a need to uncomment the next rows (delete a character «#» before a row starts)):
3. Enable listening to UDP and TCP ports 514:
4. Add the next rows to the end of the file /etc/rsyslog.conf:
After making all necessary changes, there is a need to quit an editing mode by clicking the button «Esc» and save a configuration file using the command «:wq».
5. The last step of Rsyslog server configuration is adding «SYSLOGD_OPTIONS» into the file /etc/sysconfig/rsyslog without parameters:
6. After all settings are configured, there is a need to restart Rsyslog server using a command:
Otherwise a service can be stopped:
And started again:
A configuration of NetPing devices for sending notifications to a Syslog server from sensors and IO lines is described above in the section «Example of work of Syslog Watcher with NetPing devices».
Now there is a need to turn on the mode of viewing logs to analyze logs from NetPing devices on Rsyslog server using a command: