The Ultimate Syslog Monitor – eBook

CLICK HERE FOR MORE DETAILS on how to utilize Ciscocmd to monitor you entire network at a glance and keep your finger on the pulse of your global communications infrastructure.

SUBSCRIBE HERE for to receive useful updates and tips for Network Administration and Automation.

Introduction:
When I first started trying to find products that would analyze log files and report interesting events to our network operations team, I kept running up against extremely expensive and daunting products, such as Arcsight. I call these “way of life” products because you have to commit a large amount of resources and money to maintaining the solution. You have to literally commit to changing your way of life. You have to talk to their sales people, create purchase orders for more licenses every time you add a new device in your network, upgrade the server, listen to a pitch by the vendor to use the software as a service, justify all the money your spending to your supervisors, and on and on…. Then you cannot buy other important tools because you already spent a ton of money on this, and you need to go to training because it is so complex, and now your boss wants you to get “certified” in the product.

All I wanted was something that read a message that I was interested in and then send my team and me an email. That’s it. I tried to write this tool myself, but it turns out reading streaming data of a log file is trickier than it seems. So to make a long story short, one day after searching for years, I came across the a tiny open source project for monitoring syslog. I tried it out. The heavens parted. I was able to closely monitor an entire fortune 100 network closely with one free open source product installed in minutes on cheap Unix server. Amazing!

Why is log analysis / event correlation so powerful?

Log Analysis and event correlation is so powerful because the syslog monitor is able to view all of the data from all of your network devices in one location. You can pick up interface flaps, power supply issues, cpu spikes, etc, etc… in one location. It does not matter what the message is, it is all sent to the same place. It is up to you and the syslog monitor to filter out what is significant. Don’t worry! With the template I provide you, you already have the means to extract a large chunk of what you need.

Open Source
No licenses, No sales people, No costs, No headaches.

Pareto Principle 80 / 20
The information I provide you with is designed to provide you with everything you need to know to get up and running quickly. This information is also designed to provide you with the most simple and effective configuration possible. Because the syslog monitor is capable of extremely complex configurations and rule sets, you will be provided with references to advanced material. However, we are going to stick with our friend Wilfredo Pareto, the creator of the 80/20 rule. Our goal is simple yet effective.

Get Ready, Hang On!
The eBook describes an extremely powerful, fast, real time event correlation and log analysis engine. The information in the eBook will help you start monitoring your entire network very quickly. Once you get started, you may have complete strangers coming up to and asking how you detected that issue. Or even better, you may for the first time in your career experience complete silence. You will have already detected and prevented customer impacting outages, before anyone notices. Get ready to experience a Zen like state of awareness and tranquility.

CLICK HERE FOR MORE DETAILS on how to utilize Ciscocmd to monitor you entire network at a glance and keep your finger on the pulse of your global communications infrastructure.

SUBSCRIBE HERE for to receive useful updates and tips for Network Administration and Automation.