Don’t know what syslog is? It is essentially the event log for Unix boxes. Unix-oriented shops solved the consolidation of log files with syslog-based management systems built around a central syslog daemon, which is the source of all monitoring and alerting in these environments. A syslog daemon normally listens for incoming syslog messages on UDP port 514, then decodes and processes the messages for logging and notification purposes. If you need to integrate Windows NT, Windows 2000 and Windows XP into the syslog system, there are products to do this.
- Adiscon’s Eventlog Reporter
Syslog integration for Windows. Syslog facility codes are fully supported. Trialware version available. Part of their Monitorware line of products.
- BackLog – Windows NT Event Redirection
BackLog is a Windows NT service that facilitates the real time central collection and processing of Windows NT Event Log information. All three event logs (Application, System and Security) are monitored, and event information is converted to comma delimited text format, then delivered over UDP to a remote server.
- Windows NT syslog service
This program runs as a service under Windows NT 4.0 and Windows 2000. It formats all System, Security, and Application events into a single line and sends them to a syslog(3) host.
- SANS : Practical Implementation of Syslog in Mixed Windows Environments for Secure Centralized Audit Logging
For more information, see my general Logging / Syslog / Log Analysis Resources tip, or Adiscon’s How to Monitor Windows NT from Unix if your interest is limited to Windows.
Are you predominantly Windows-based and need to centrally manage syslog-based devices such as Cisco routers? Need a syslog server for Windows?
- WinSyslog web site
- SL4NT 2.1
Syslog daemon for Windows; runs as a service.
- Kiwi’s Syslog Daemon for Windows
Freeware.
- 3COM has a free syslog daemon
- MT Syslog Daemon
… and what about XP?