WinSyslog

The Windows Syslog Server

WinSyslog

The Windows Syslog Server

MonitorWare Products – Utilization & Deployment

This article is to give you a detailed concept behind MonitorWare line of Products. MonitorWare is a line of products for network monitoring, management and analysis by Adiscon. MonitorWare has been designed with a philosophy that small to large sized enterprises have same critical network security needs and limited resources to purchase security solutions.

To challenge such limited resources Adiscon has come up with MonitorWare line of products that are designed to meet your requirements today and grow with as you grow as an enterprise. MonitorWare provides you intuitive log management and protection backed by expert guidance and support. Let us help you monitor and analyze your network so you can get on with your operations.

MonitorWare Products

MonitorWare line of products basically focus network monitoring with the help of Syslog messages generated by different Windows operating systems and devices like routers, switches etc. We broadly divide our products into four well defined categories to make our products cost effective and task focused, these are mentioned below with brief explanations:

  • Reporter – It forwards log messages to a central Syslog server.
  • Receiver – It receives Syslog messages while acting as a Syslog server.
  • Reporter & Receiver – It acts both as reporter and receiver.
  • Analyzer – It generates reports on consolidated data in the MonitorWare database created by other Adiscon products or third party products.

MonitorWare Products

Reporter

Receiver

MonitorWare Reporter & Receiver

MonitorWare Analyzer

MonitorWare Tools

MonitorWare Products Selection & Deployment

To understand, how best you can use MonitorWare Products I consider a scenario and try to design a cost effective solution for you.

Scenario

You are a System Administrator in a small company and you need to have a network monitoring solution for your computer lab comprised of following components:

Workstations: 10

Server: 01

Requirements

You need to forward Windows Eventlogs from all machines to your one single machine acting as a Syslog server and want to have logs stored to a central database.

Solutions

Here you can have multiple solutions. Let us discuss them one by one:

Solution 1

You simply install MonitorWare Agent on all of your machines.

You need to configure Syslog server service available in MonitorWare Agent on one of your machines and EventLog Monitor V2 service that is also available in MonitorWare Agent on rest of the machines and configure it to forward Windows Eventlogs to a machine that is configured with Syslog Server service. Please note that if you want to monitor the Windows Eventlogs of the machine that you have configured as a Syslog server, you also need to configure Event Log Monitor service on that machine.

The log database can then be searched with Adiscon LogAnalyzer from any PC in the network (webserver required).

Merits of this solution:
  • You can have more then one Syslog servers in your network, helps you load balancing your traffic load (if this solution leads to thousands of machines).
  • You also have specialized MonitorWare Agent features.
De-Merits
  • It is not a cost effective solution. It costs you eight times more as compared to the most effective one.
Solution 2

You simply install WinSyslog on one of your machines and configure it as a Syslog server. All other machines should have EventReporter installed and configured to forward Windows Eventlogs to the Syslog server. Please note that to monitor the event logs of the machine acting as a Syslog server, you also need to install the EventReporter on it.

The log database can then be searched with Adiscon LogAnalyzer from any PC in the network (webserver required).

Merits of this solution:
  • It’s the most cost effective and targeted solution as far as your requirements are concerned.
De-Merits
  • Only one machine is acting as a Syslog server results in single point of failure as far as receiving messages are concerned.
Solution 3

You install MonitorWare Agent on one of your machines and configure Syslog server service and EventLog Monitor V2 service on it. Now, this machine is acting like a Syslog server and also reporting it’s own Windows Eventlogs. All other machines should have EventReporter installed and configured to forward Windows Eventlogs to the Syslog server.

The log database can then be searched with Adiscon LogAnalyzer from any PC in the network (webserver required).

Merits of this solution:
  • It’s also a cost effective and targeted solution as far as your requirements are concerned.
  • You also enjoy specialized features of MonitorWare Agent.
De-Merits
  • Only one machine is acting as a Syslog server results in single point of failure as far as receiving messages are concerned.
Scroll to top