Thursday, October 29, 2009

Simple Network Management with Syslog

How do you easily track thousands of network elements and separate truly critical problems from ordinary network events? No easy task, I know. What approach do you use?

I’m a big fan of using syslog to automatically collect event messages from network devices, rather than monitoring devices individually. Over the years, the syslog protocol has become an industry standard for creating, sending and collecting event messages.


A standard syslog message includes the following information:
- Facility type (OS, app or service) that originated the message
- Severity level associated with the message
- Date and time the message was sent
- Hostname or IP address of the sending server or network device
- Message text containing the event description

Operating systems, applications and services continuously send these messages to centralized syslog servers. Depending on the capabilities of a particular syslog server, syslog messages can be sorted and viewed according to criteria such as message source, event severity or keywords in the message text. Isn’t that convenient?

Also, the syslog server may filter syslog messages and raise alarms based on severity level. These alarms let you deal with unstable network elements first, and the corresponding syslog messages give you the details to understand the source of the problem.
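The message fields and the severity-based alarming described above, as an added example (not from the original post or any product it mentions): a Python parser for BSD-style (RFC 3164) syslog lines that decodes the priority value into facility and severity and ranks hosts by alarm count. The sample lines, host names and the `threshold` and `top` parameters are constructed for illustration.

```python
import re
from collections import Counter

# Severity names indexed by numeric level (0 is most severe), per RFC 5424.
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]

# <PRI>Mmm dd hh:mm:ss HOST MESSAGE  (BSD syslog layout, RFC 3164)
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$")

def parse(line):
    """Return the message fields as a dict, or None if the line is malformed."""
    m = LINE_RE.match(line)
    if not m or int(m.group("pri")) > 191:  # 191 = facility 23, severity 7
        return None
    facility, severity = divmod(int(m.group("pri")), 8)  # PRI = facility*8 + severity
    return {"facility": facility, "severity": severity,
            "severity_name": SEVERITIES[severity],
            "timestamp": m.group("ts"), "host": m.group("host"),
            "message": m.group("msg")}

def alarms(lines, threshold=3):
    """Messages at or above the given severity (numerically <= threshold)."""
    return [p for p in map(parse, lines) if p and p["severity"] <= threshold]

def most_alarmed(lines, threshold=3, top=5):
    """Hosts ranked by number of alarm-level messages."""
    return Counter(p["host"] for p in alarms(lines, threshold)).most_common(top)

# Constructed sample input (not real device output).
SAMPLE = [
    "<187>Oct 29 10:15:02 core-sw1 link down on port 1",       # local7.error
    "<189>Oct 29 10:15:04 core-sw1 configuration saved",       # local7.notice
    "<34>Oct 29 10:16:11 fw-edge su failed for admin",         # auth.critical
    "<185>Oct 29 10:17:40 core-sw1 temperature threshold hit", # local7.alert
    "<14>Oct 29 10:18:00 web01 user login ok",                 # user.informational
    "not a syslog line",                                       # malformed, skipped
]

if __name__ == "__main__":
    for host, count in most_alarmed(SAMPLE):
        print(host, count)
```
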


Here’s a simple table showing syslog severity levels:

Seems simple, right? One challenge is that sifting through a ton of syslogs to troubleshoot a single problem can take hours. You need a way to consolidate, analyze and visualize the information to reduce system downtime and increase network performance. We have a great way for you to see your network status at a glance: check out dVUE6, a cool desktop gadget (for XP and Vista) that monitors the availability and alarm status of the five most alarmed devices in your network. For more information, and to download the gadget, follow this link.

Here is a graphical view of dVUE6
