
I am looking for an effective way to monitor server logs so that if a certain event occurs it will send an alert (security, etc.). I would prefer a non-paid solution. I know that Performance Monitor can do some alerts...
OS: Server 2003
Any suggestions?

asked 09/27/2011 08:28


Neal_876 ♦♦


5 Answers:
I would look into SysLog (http://www.syslog.org/). Originally developed for the *NIX world, but supports Windows as well. It's quite robust, and will allow you to aggregate logs from multiple servers/workstations/devices, and run reporting on them. There are add-ons to SysLog to enhance its capabilities (i.e. AlertManager - http://www.syslog.org/wiki/Main/AlertManager) that should provide you with the functionality you're looking for.

moonie42

I prefer to work with open source, so my recommendation would be Nagios (I use it in my env.), an awarded platform: winner of numerous awards and highly recognized, Nagios is the leader in open source IT infrastructure monitoring. But you can find multiple other monitoring tools:
http://www.groundworkopensource.com GroundWork Monitor Enterprise
http://www.hyperic.com Hyperic HQ
http://www.icinga.org Icinga
http://oss.oetiker.ch/mrtg/ MRTG
http://www.nagios.com Nagios
http://www.n-able.com N-central
http://www.op5.com op5 Monitor
http://www.open-itcockpit.com openITCockpit
http://www.opennms.org OpenNMS
http://www.hp.com/de/bto HP OpenView
http://www.bmc.com BMC PATROL ProactiveNet Performance Management
http://www.shinken-monitoring.org Shinken
http://www.ibm.com/software/de/tivoli IBM Tivoli
http://www.ca.com/de CA Unicenter
http://www.whatsupgold.com WhatsUp Gold
http://www.zabbix.com Zabbix
http://www.zenoss.com Zenoss Enterprise

My recommendations for useful syslog and data correlation solutions:
Splunk: http://www.splunk.com/
Cisco CS-MARS http://www.cisco.com/en/US/products/ps6241/index.html
Sawmill:  http://www.sawmill.net
Paglo:  http://paglo.com
Q1 Labs (offers free VM version):  http://www.q1labs.com/qradar-slim-fe
Manage Engine with OpManager:  http://www.manageengine.com

Look at http://www.linuxjournal.com/article/5476 and
http://blogs.splunk.com/2008/11/13/syslog-syslog-ng-and-splunk-forwarders/

answered 2011-09-28 at 05:29:52


madunix

Thank you both for responding... I am checking out the different solutions.

Is the Syslog software free from syslog.org? It does not seem that way.

answered 2011-09-28 at 09:58:48


Neal_876

Sorry for the delay in responding. My project was rescheduled, so I did not get to try all of the solutions, but I think I will be using one of the open source ones.

answered 2011-10-10 at 04:15:50


Neal_876

Thank you!


answered 2011-11-30 at 13:05:16


Neal_876

Last updated: 12/04/2011 05:18