Syslog Management

If your security policies require you to collect, monitor and analyze event log files from network equipment like routers and switches, your chosen log management solution has to support Syslog monitoring. Further, if your environment also hosts Unix and Linux systems, Syslog monitoring becomes even more critical.

Syslog is a standard for forwarding log messages in an Internet Protocol (IP) computer network. It is a client-server protocol with a logging application transmitting a small text message to a Syslog receiver or server. These messages may be sent via the User Datagram Protocol (UDP) or the Transmission Control Protocol (TCP).

Just like Windows event logs, Syslog is typically used for computer system management and security auditing. While it has a number of shortcomings, Syslog is supported by a wide variety of devices and receivers across multiple platforms. Because of this, Syslog can be used to integrate log data from many different types of systems into a central repository. Syslog specifications are now standardized within a dedicated working group of the IETF.
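
To show what a receiver does with those small text messages before they reach a central repository, here is an added example (not code from WhatsUp or from this page) that normalizes a message into one flat record. It goes beyond the text above by assuming the RFC 3164 and RFC 5424 header layouts; the function name `parse_syslog`, the record fields and the sample messages are constructed for illustration.

```python
import re

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")  # PRI = facility * 8 + severity, at most 191
# RFC 5424: VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID, then the remainder
RFC5424_RE = re.compile(r"^1 (\S+) (\S+) (\S+) (\S+) (\S+) (.*)$", re.S)
# RFC 3164 (BSD style): "Mmm dd hh:mm:ss" HOSTNAME TAG[pid]: message
RFC3164_RE = re.compile(
    r"^([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (\S+) ([^\s:\[]+)(?:\[\d+\])?: ?(.*)$",
    re.S)

def parse_syslog(payload: bytes, source_ip: str) -> dict:
    """Normalize one received syslog message into a flat record."""
    text = payload.decode("utf-8", errors="replace").rstrip("\r\n\x00")
    # The host field is written by the sender; keep the observed source address too.
    rec = {"source_ip": source_ip, "format": "unparsed", "facility": None,
           "severity": None, "host": None, "app": None, "msg": text}
    pri = PRI_RE.match(text)
    if not pri or int(pri.group(1)) > 191:
        return rec  # store the raw line instead of discarding it
    value = int(pri.group(1))
    rec["facility"], rec["severity"] = value >> 3, SEVERITIES[value & 7]
    body = text[pri.end():]
    m = RFC5424_RE.match(body)
    if m:
        rest = m.group(6)  # structured data, then the free-text message
        msg = rest[2:] if rest.startswith("- ") else rest  # "-" = no structured data
        rec.update(format="rfc5424", host=m.group(2), app=m.group(3), msg=msg)
    else:
        m = RFC3164_RE.match(body)
        if m:
            rec.update(format="rfc3164", host=m.group(2), app=m.group(3), msg=m.group(4))
        else:
            rec.update(format="pri-only", msg=body)
    return rec

# Constructed sample messages (documentation addresses), not captured traffic.
SAMPLES = [
    (b"<34>1 2024-01-15T10:22:14Z fw01 sshd 2211 - - Failed password for root", "192.0.2.1"),
    (b"<189>Jan 15 10:22:15 sw-core-1 LINK: Interface Gi0/1 changed state to down", "192.0.2.2"),
    (b"<13>free text without a header", "192.0.2.3"),
    (b"no priority value at all", "192.0.2.4"),
]

if __name__ == "__main__":
    for payload, src in SAMPLES:
        print(parse_syslog(payload, src))
```

Messages that match neither layout are kept with `format` set to `unparsed` or `pri-only`, so a device with a nonstandard format still lands in the repository.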

With the WhatsUp Event Log Management suite you can:

  • Monitor, analyze and alert on both Windows event logs and Syslog events from a single console with the WhatsUp Event Alarm application.
  • Review Syslog data stored within the Event Alarm database and support spot-check audits with the WhatsUp Event Rover application.
  • Filter, analyze and report on stored Syslog data within the Event Alarm database using the WhatsUp Event Analyst application.
  • Together, the WhatsUp Total Event Log Management solution gives you the capability to manage Windows event logs and Syslogs from a single log management application.