SyslogAppliance Features

SyslogAppliance receives logs via syslog from a variety of sources, including routers, switches, firewalls and even Windows machines (with additional components). Once received, data can be searched, analyzed and graphed. SyslogAppliance also helps you troubleshoot problems by automatically providing relevant links to solutions. Even better: SyslogAppliance is totally free for non-commercial use and very inexpensive for commercial applications.


Log Sources

A variety of sources are supported. Thanks to being based on syslog, SyslogAppliance can receive data from almost all network gear. Support for Windows event log is provided via the add-on components EventReporter or MonitorWare Agent (with additional Windows sources).

By default, SyslogAppliance listens for incoming syslog messages on port 514 via both UDP and TCP (Cisco PIX, for example, is fully supported).

Log Analysis

An easy-to-use web interface permits you to search the logs received. Searches can be stored and fully customized so that it is easy to re-run frequently done searches. Data received can be visualized graphically. And while troubleshooting, you have a wealth of problem-solving solutions right at hand. For example, you can look up IP range or domain name owners with a single click right from the web interface. This is a great aid when tracking down attackers.

The appliance supports multiple users, each with their own preferences, stored searches and environment.

Log Alerting

Alerts, via email, SNMP or other notification methods, can be generated based on any message field, including regular expression matches inside the message text.

Currently, this requires changing a configuration file. In future releases, alerting capabilities will be configurable via an easy-to-use web interface.