WTCS.ORG

syslog4NT - Implementing syslog Messaging
Under Construction!!




What is Syslog4NT

While SNMP is the pre-eminent mechanism used to manage network devices, and SNMP traps are commonly used to communicate states back to a Network Management system, there are other types of information that you may want communicated from one device to the next.  That's where syslog centralized messaging comes in!

syslog is a messaging standard used in many Unix-based systems, routers and switches.  It is also available on Windows NT.  It is a UDP-based (and therefore asynchronous) transport mechanism that supports string-based contents.  Like SNMP, syslog relies on UDP (port 514).


Why would I want to use it?

What can you do with syslog?  Here's a real world example.  I wanted to track the uptime of some Banking Gateways (ATM/POS, etc.).  I inserted the syslog client program into a batch that managed the Gateways.  When the Gateway started, a syslog message was sent to the syslog server informing it that the Gateway was starting.  When the Gateway was stopped cleanly, another message was sent.  The syslog server received the messages and posted them into an Access database via ODBC.  That way, I had a pretty reliable way to track starts and stops.

I use and highly recommend (in fact, this section is based upon) Franz Krainer's syslog4NT (no relation to SNMP4NT).  It is available at http://www.netal.com.

Example 1:

Let's say you have written some program, and it generates log messages.  If you used the syslog client extension DLL, you could add a function call to your program that calls the syslog client (passing it the message parameters and the target syslog server's name or IP address) in the event of a program error or other significant event!  This is an easy way to add remote logging to almost any application.  The diagram below shows this relationship.

<DIAGRAM COMING SOON>

Once the information is in an Access database, you can publish it to a web site (Access 2000) using Data Access Pages, and make it available to IE5!  You can even edit this database as well!

<DIAGRAM COMING SOON>
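
The remote-logging call described in Example 1, as an added example that is not part of the original page and does not use the syslog4NT DLL (its API is not shown on this page): it builds a BSD-style (RFC 3164) syslog datagram and parses one on the receiving side. The host name gw01, the tag gateway and all function names are assumptions made for illustration.

```python
import re
import socket
from datetime import datetime

# Facility and severity codes from RFC 3164 (subset).
FACILITY = {"user": 1, "daemon": 3, "local0": 16}
SEVERITY = {"err": 3, "warning": 4, "notice": 5, "info": 6}
MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
MAX_LEN = 1024  # RFC 3164 packet size limit

def build_message(facility, severity, host, tag, text, when):
    """Return one RFC 3164 datagram: <PRI>Mmm dd hh:mm:ss HOST TAG: TEXT."""
    pri = FACILITY[facility] * 8 + SEVERITY[severity]
    # Replace control characters so the text stays on one log line at the server.
    text = re.sub(r"[\x00-\x1f\x7f]", " ", text)
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    return f"<{pri}>{stamp} {host} {tag}: {text}".encode("ascii", "replace")[:MAX_LEN]

_LINE = re.compile(rb"<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) ([^:\s]+): (.*)", re.S)

def parse_message(datagram):
    """Split a received datagram into fields; return None if it is malformed."""
    m = _LINE.fullmatch(datagram)
    if not m or int(m.group(1)) > 191:  # highest valid PRI is 23 * 8 + 7
        return None
    pri = int(m.group(1))
    return {"facility": pri // 8, "severity": pri % 8,
            "timestamp": m.group(2).decode(), "host": m.group(3).decode(),
            "tag": m.group(4).decode(), "text": m.group(5).decode()}

def send(server, datagram, port=514):
    """Fire-and-forget UDP send: nothing confirms the server received it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(datagram, (server, port))

if __name__ == "__main__":
    # Loopback demo on an unprivileged port chosen by the OS (constructed input).
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv:
        srv.bind(("127.0.0.1", 0))
        srv.settimeout(2)
        msg = build_message("local0", "notice", "gw01", "gateway",
                            "ATM/POS gateway starting", datetime.now())
        send("127.0.0.1", msg, srv.getsockname()[1])
        data, peer = srv.recvfrom(MAX_LEN)
        print(peer[0], parse_message(data))
```

Because the transport is UDP, send() returns without error even if no server is listening, so a missing start or stop record does not prove the event did not happen.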

 

Example 2:

You might have several Windows 2000 Servers, and you would like to centralize the monitoring of their event logs.  Using a nice freeware tool such as the Event Log to syslog Utility from Purdue University, you could set up each server to forward Event Log entries (as syslog messages) to the netal SY4NT Server.  Then you could generate alerts from there, in addition to saving them to a database for later review.

 

Look to this page to provide you the information you will need to implement that very thing.  Information can come from SNMP if you want, or from a program, or any custom script you might have running on networked devices.  Sounds good?  It is!!

 

