The sysloggtw acts as a gateway from the Syslog "world" into Nimsoft. Most network devices, such as routers, switches and bridges, report events using SNMP as well as the well-known syslog format. The sysloggtw listens on port 514/udp when running in a receive mode. All incoming syslog messages are acted upon according to the defined receive mode:
- Generate Nimsoft Alarm
- Generate SYSLOG-IN (for post-processing) messages
- Log to file
The sysloggtw is also capable of receiving Nimsoft alarm messages, e.g. from the NAS auto-operator, converting them to syslog messages and passing them on to remote syslog daemons.
You may combine sysloggtw with logmon to post-process incoming syslog messages. Some devices, e.g. Cisco routers, may add an index to each message. Use logmon to reformat the text and severity levels instead of having sysloggtw determine the alarm level according to the syslog priority.
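The split that this post-processing relies on, as an added example (not part of the Nimsoft documentation or the probe's own code): it decodes the syslog priority into facility and severity and strips a leading per-message index. The `digits: ` shape of the index and the sample datagrams are assumptions constructed for illustration.

```python
import re

# RFC 3164 severity names, indexed by the low three bits of PRI.
SEVERITIES = ("emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug")

PRI_RE = re.compile(r"^<(\d{1,3})>")
# Assumed shape of the per-message index: digits, a colon, then a space.
# Requiring the space keeps a bare "12:30:00 ..." from being read as an index.
INDEX_RE = re.compile(r"^(\d+): ")


def parse_syslog(datagram: bytes) -> dict:
    """Split a received syslog datagram into priority fields, index and text."""
    text = datagram.decode("utf-8", errors="replace").rstrip("\r\n\x00")
    m = PRI_RE.match(text)
    if m is None or int(m.group(1)) > 191:
        # No valid PRI: RFC 3164 relays treat the message as user.notice (13).
        pri, rest = 13, text
    else:
        pri, rest = int(m.group(1)), text[m.end():]
    index = None
    m = INDEX_RE.match(rest)
    if m:
        index, rest = int(m.group(1)), rest[m.end():]
    return {
        "facility": pri >> 3,               # PRI = facility * 8 + severity
        "severity": SEVERITIES[pri & 7],
        "index": index,
        "message": rest,
    }


# Constructed sample datagrams (not captured traffic).
SAMPLES = [
    b"<189>45: *Mar  1 00:01:02.345: %SYS-5-CONFIG_I: Configured from console",
    b"<189>46: *Mar  1 00:01:02.345: %SYS-5-CONFIG_I: Configured from console",
    b"<34>Oct 11 22:14:15 host1 su: 'su root' failed on /dev/pts/8",
    b"no priority header here",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_syslog(sample))
```

The first two samples differ only in their index, so once it is stripped their text is identical and a single pattern can match both.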
Installation notes
Please make sure that port 514/udp is free. You can check this by issuing the netstat -an command and looking for something like UDP 0.0.0.0:514. If it is present, then something else, for example a syslog daemon, is using this port.
Hints
Using logmon + sysloggtw
- Create an "attach" queue collecting the subject SYSLOG-IN.
- Add a profile that attaches to the named queue.
- Add watchers according to your needs.