Using a syslog server to collect and store syslog messages provides a reliable central repository for log data.
The syslog protocol was originally created and used solely for sendmail on Unix systems. Due to its simplicity, syslog developed into the standard logging solution for Unix-based systems (including Linux) and was standardized by the IETF (RFC 3164) in 2001.
Syslog uses UDP communication to send messages from different systems and network devices to a central collector, also known as a syslog server. Syslog messages are used to troubleshoot network problems, establish forensic evidence, and prove compliance with federal regulations, such as HIPAA. Forwarding syslog messages to a central syslog server helps you correlate events across your network.
Network auditing generates volumes of log data from various systems and devices. In addition to syslog messages generated by operating systems and applications, messages are also generated by processes on printers, routers, hubs, switches, and diskless workstations. It’s essential to be able to forward all these device messages to a central syslog server for storage and review. A syslog server should deliver features that help you efficiently monitor and manage syslog messages.
The best syslog server should allow you to easily collect, save, view or forward syslog messages from anywhere on your network. It should have enhanced export capabilities as well as the ability to view syslog messages in real-time, create flexible rules for processing messages, and filter data the way you need to see it. If your network includes Windows systems, the best syslog server should help you manage Windows Event log information.
WhatsUp Gold’s free Syslog Server offers various features that easily collect, save, view or forward syslog messages from anywhere on your network. Use Syslog Server to filter and sort syslog messages based on several criteria including hostname, IP address, or message contents. Syslog Server allows you to write messages directly to the Windows Event Log file and create flexible rules for processing messages. In addition, you can receive and forward messages using UDP and TCP protocols. WhatsUp Gold Syslog Server runs either as a Windows service or in application mode.
Upgrading to WhatsUp Log Management Suite delivers even more features for monitoring and managing log files. The set of applications in this log management software allows you to collect syslog and Windows event logs across your network, store information as long as needed, protect log file integrity, and generate compliance reports. WhatsUp Log Management applications give you the capability to consolidate the tasks associated with monitoring and managing log files.