sysloggtw
Syslog Gateway for Nimsoft

The sysloggtw acts as a gateway from the Syslog "world" into Nimsoft.  Most network-devices, such as routers, switches, bridges and so on, reports events using SNMP as well as using the well-known syslog format.   The sysloggtw will listen to port 514/udp when running in a receive mode.  All incoming syslog messages will be acted upon using the defined receive mode:

  • Generate Nimsoft Alarm
  • Generate SYSLOG-IN (for post-processing) messages
  • Log to file

The sysloggtw is also capable of receiving Nimsoft alarm messages from e.g. the NAS auto-operator that will be converted to a syslog message and passed onto remote syslog daemons.

You may combine the sysyloggtw with logmon to post-process incoming syslog messages. Some devices e.g. Cisco routers may add an index to each message. Use logmon to reformat the text and severity levels instead of having sysloggtw determining the alarm level according to the syslog priority.

Installation notes

Please make sure that port 514/udp is free. You may do this by issuing the netstat -an command, and look for something like UDP   0.0.0.0:514 . If it is present, then something else, for example, a syslog daemon is using this port.

Hints

Using logmon + sysloggtw
  • Create an "attach" queue collecting the subject SYSLOG-IN
  • Add a profile that attaches to the named queue.
  • Add watchers according to your needs.
Revision history
Date Description State Version
07.02.2019

What's New:

  • Added support for accepting syslog messages over TCP protocol with a custom configurable port.

Fixed Defect:

  • sysloggtw crashes randomly on the robot without capturing any errors in the sysloggtw log. Support case 00843733

For Detailed Release Notes-Please refer

https://docops.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=sysloggtw_RN

Note: Support case(s) may not be viewable to all

MD5 Checksum: fb3df4a685019eb6099666a002623a73
SHA-1 Checksum: 6708c383cdc3f2e26f52c29119625d7d5e70fa60 		GA 1.43
15.03.2017

Fixed Defect:

  • On a pure IPv6 environment, the probe was unable to accept syslog messages on port 541.

md5: cbf37039764d288d496fff28a21db439 		1.42
20.02.2015 Fixed Defects:
The dev ID was coming from local robot rather than actual device. (Salesforce Case: 00147258,146299,147258)
There was no alarm for backup file at the required interval, unless there was an Incoming log. (Salesforce Case: 00147052)
Probe was not using the configured path to delete the file. (Salesforce Case: 00149998)

For Detailed Release Notes-Please refer
https://wiki.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=sysloggtw_RN

Note:Salesforce case(s) may not be viewable to all 		1.41
04.12.2012 Fixed an issue where log files were not getting deleted after the correct number of days set. 1.40
30.09.2010 Added Support for Windows 64, Linux 32/64 and Solaris platforms.
Fixed memory leak.
Added proper configuration file reading mechanism on probe restart.
Added proper thread termination and start functionality on probe restart and stop.
Added support to redirect messages in separate file and to provide variable names ($logsource and $date) in that file-name.
Added support to store logs in separate log files as per the source (IP address) they are coming from.
Added support for probe logfile truncation.
Implemented file rotation algorithm (for message file). Added support for file rotation based on size or time along with file cleanup after certain period.
 1.30
30.06.2010 Made changes to libraries with respect to configuration locking.
1.21
25.03.2010 Added support for extended NIS database information. 1.20
11.11.2003 Improved message delivery to spooler. 1.12
Requirements
Platform: Please refer to the Platform Support Matrix located in the Download section of http://support.nimsoft.com
Software: None
Hardware: None