Syslog analysis

Started by lindeamon, May 11, 2018, 10:28:42 AM


lindeamon

Hi,

I have configured my firewall to send syslog to the NetXMS server.
In the syslog monitor I see all the entries from the firewall, and there are a lot.
I have been thinking, how can I learn something from all of those messages? Is there a way to see statistics? Should I use Grafana for this?

There are products like Elasticsearch and Kibana to analyze all this data, but this way I don't use NetXMS.

Regards,
Lindeamon

Tursiops

Hi,

We're using syslog mostly to trigger alerts on specific events rather than for statistics, so not sure if there's an easier way or if the below will even do what you're looking for:
1. Create syslog rules and events for the log entries you want statistics on
2. Add the generated events to Event Processing Policies and have a script that sends data to a Push DCI. The data from the event could be used inside the script to determine which node and Push DCI to update.

Cheers
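
A sketch of the script from step 2, added here as an example and not taken from the post above: an NXSL script run from an Event Processing Policy rule that increments a per-event counter held in a Push DCI on the node that sent the syslog message. The event names and DCI names are hypothetical, and the Push DCIs are assumed to already exist on the node with an integer data type.

```nxsl
// Added example (not from the original thread).
// Runs as a script action in an Event Processing Policy rule.
// $event is the event created by the syslog parser rule,
// $node is the node the syslog message was matched to.

// Map the event to the Push DCI that counts it (hypothetical names).
dciName = null;
if ($event.name == "FW_CONN_DENIED")
   dciName = "Firewall.Syslog.Denied";
else if ($event.name == "FW_LOGIN_FAILED")
   dciName = "Firewall.Syslog.LoginFailed";

if (dciName != null)
{
   dciId = FindDCIByName($node, dciName);
   if (dciId == 0)
   {
      // Counter DCI was never created on this node: log it and skip,
      // so the gap is visible in the server debug log.
      trace(4, "Push DCI " . dciName . " not found on node " . $node.name);
   }
   else
   {
      // GetDCIValue returns null until the first value has been pushed.
      last = GetDCIValue($node, dciId);
      if (last == null)
         count = 1;
      else
         count = int64(last) + 1;
      PushDCIData($node, dciId, count);
   }
}
```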

lindeamon

Hi Tursiops,

Thank you for the reply.

Regards,
Lindeamon