Syslog Gateway for Nimsoft

The sysloggtw acts as a gateway from the Syslog "world" into Nimsoft.  Most network-devices, such as routers, switches, bridges and so on, reports events using SNMP as well as using the well-known syslog format.   The sysloggtw will listen to port 514/udp when running in a receive mode.  All incoming syslog messages will be acted upon using the defined receive mode:

  • Generate Nimsoft Alarm
  • Generate SYSLOG-IN (for post-processing) messages
  • Log to file

The sysloggtw is also capable of receiving Nimsoft alarm messages from e.g. the NAS auto-operator that will be converted to a syslog message and passed onto remote syslog daemons.

You may combine the sysyloggtw with logmon to post-process incoming syslog messages. Some devices e.g. Cisco routers may add an index to each message. Use logmon to reformat the text and severity levels instead of having sysloggtw determining the alarm level according to the syslog priority.

Installation notes

Please make sure that port 514/udp is free. You may do this by issuing the netstat -an command, and look for something like UDP . If it is present, then something else, for example, a syslog daemon is using this port.


Using logmon + sysloggtw
  • Create an "attach" queue collecting the subject SYSLOG-IN
  • Add a profile that attaches to the named queue.
  • Add watchers according to your needs.
Revision history
Date Description State Version

What's New:

  • Added support for accepting syslog messages over TCP protocol with a custom configurable port.

Fixed Defect:

  • sysloggtw crashes randomly on the robot without capturing any errors in the sysloggtw log. Support case 00843733

For Detailed Release Notes-Please refer

Note: Support case(s) may not be viewable to all

MD5 Checksum: fb3df4a685019eb6099666a002623a73
SHA-1 Checksum: 6708c383cdc3f2e26f52c29119625d7d5e70fa60
GA 1.43

Fixed Defect:

  • On a pure IPv6 environment, the probe was unable to accept syslog messages on port 541.

md5: cbf37039764d288d496fff28a21db439
20.02.2015 Fixed Defects:
The dev ID was coming from local robot rather than actual device. (Salesforce Case: 00147258,146299,147258)
There was no alarm for backup file at the required interval, unless there was an Incoming log. (Salesforce Case: 00147052)
Probe was not using the configured path to delete the file. (Salesforce Case: 00149998)

For Detailed Release Notes-Please refer

Note:Salesforce case(s) may not be viewable to all
04.12.2012 Fixed an issue where log files were not getting deleted after the correct number of days set. 1.40
30.09.2010 Added Support for Windows 64, Linux 32/64 and Solaris platforms.
Fixed memory leak.
Added proper configuration file reading mechanism on probe restart.
Added proper thread termination and start functionality on probe restart and stop.
Added support to redirect messages in separate file and to provide variable names ($logsource and $date) in that file-name.
Added support to store logs in separate log files as per the source (IP address) they are coming from.
Added support for probe logfile truncation.
Implemented file rotation algorithm (for message file). Added support for file rotation based on size or time along with file cleanup after certain period.
30.06.2010 Made changes to libraries with respect to configuration locking.
25.03.2010 Added support for extended NIS database information. 1.20
11.11.2003 Improved message delivery to spooler. 1.12
Platform: Please refer to the Platform Support Matrix located in the Download section of
Software: None
Hardware: None