Hi.. We have syslog going to a syslog server and we do have SYSEDGE scraping and parsing wanted events to spectrum. In spectrum u need to discover the server and set it up as an event processor and have specific or generic event file(s) set up depending on what you need to do with them.
The 2 caveats we have encountered is inability to filter out unwanted messages that pass through the wanted filter. Ex. We have pattern match defined abc so all messages with abc will be sent to spectrum for processing. If we want to ignore abcd the pattern match is still true and there is no way for sysedge to drop the message Secondly If u have a message where it meets 2 filters then the message is sent twice to spectrum. Other than that, I can attest the SYSEGDE works extremely well for high volume environments such as ours. We process well over 200 MB a week (peak 450 MB) on our syslog servers and sysedge is able to keep up. So it is possible to use sysedge for this purpose. Cheers, John -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 2008, October, 29 7:22 AM To: spectrum Cc: spectrum Subject: Re: [spectrum] Syslog messages to spectrum Greetings Here is how we bring syslogs into Spectrum Devices send syslogs to a central server in our case its a Windows box running KIWI. If I was running Linux on this box I would use syslog-ng. We do basic filtering of syslogs at this point and put the messages we want in Spectrum into a file. I have an NSM log agent (I assume sysedge would work the same) running on the syslog server watching the syslog file. All new entries get sent to my Spectrum Primary Landscape Server as an NSM Log Agent trap. On the Spectrum Primary Landscape server, I have modeled the syslog gateway NSM agent. I also set the attributes SBG Alert Fowarding and map traps to IP header both to true on th elog agent model. Also make sure you set "alert forwarding enabled" on the VNM. You should then see syslogs on the event log for the log agent model and see the log forwarded as events to the correct target models Dan Ellsweig, Enterprise Systems Management MMC Global Technology Infrastructure | Centralized Operations 121 River Street, Hoboken, New Jersey 07430, USA +1 201-284-3141 | Fax +1 201-284-3528 | Mobile +1 201-616-8149 | [EMAIL PROTECTED] www.mmc.com "Hofmann, Berthold" <berthold.hofmann To @siemens.com> "spectrum" <[email protected]> 10/29/2008 03:52 cc AM Subject [spectrum] Syslog messages to Please respond to spectrum "Hofmann, Berthold" <berthold.hofmann @siemens.com> Hello, what is the best way to get syslog messages to spectrum? I try sysedge, but I didn't get a syslog message. I am also surprised, that the sysedge.mon includes only one entry. But I configured 2 entries in the sysedge.cf file. Best Regards Berthold Hofmann *********************************************** Siemens AG Siemens IT Solutions and Services SIS GO NW G NIS CS Würzburger Str. 121 90766 Fürth, Germany Tel.: +49 0911 978 2744 Fax: +49 0911 978 2750 <mailto:[EMAIL PROTECTED]> --- To unsubscribe from spectrum, send email to [EMAIL PROTECTED] with the body: unsubscribe spectrum [EMAIL PROTECTED] ********************************************************************** This e-mail transmission and any attachments that accompany it may contain information that is privileged, confidential or otherwise exempt from disclosure under applicable law and is intended solely for the use of the individual(s) to whom it was intended to be addressed. If you have received this e-mail by mistake, or you are not the intended recipient, any disclosure, dissemination, distribution, copying or other use or retention of this communication or its substance is prohibited. If you have received this communication in error, please immediately reply to the author via e-mail that you received this message by mistake and also permanently delete the original and all copies of this e-mail and any attachments from your computer. Thank you. ********************************************************************** --- To unsubscribe from spectrum, send email to [EMAIL PROTECTED] with the body: unsubscribe spectrum [EMAIL PROTECTED] _______________________________________________________________________ This e-mail may be privileged and/or confidential, and the sender does not waive any related rights and obligations. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately. Ce courrier électronique est confidentiel et protégé. L'expéditeur ne renonce pas aux droits et obligations qui s'y rapportent. Toute diffusion, utilisation ou copie de ce message ou des renseignements qu'il contient par une personne autre que le (les) destinataire(s) désigné(s) est interdite. Si vous recevez ce courrier électronique par erreur, veuillez m'en aviser immédiatement, par retour de courrier électronique ou par un autre moyen. --- To unsubscribe from spectrum, send email to [EMAIL PROTECTED] with the body: unsubscribe spectrum [EMAIL PROTECTED]
