Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Kiwi Syslog Server > Configure a different log file for each Device

Configure a different log file for each Device

Table of contents

Updated May 31st, 2016 

Overview

In the following example, the customer has 4 servers, 1 firewall, and 1 L3 switch and wants to configure a different log file for each device.

Environment

  • Kiwi Syslog 

Steps

We can achieve this by using Auto Split Values.

Using Auto_Split values eliminates the need to use filters and actions to split incoming messages into multiple log files.

 

 

 

 

C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-%IPAdd4-%DateISO.txt

 

To use the AutoSplit values, place the cursor at the point you want to insert the new value and then click the "Insert AutoSplit value" link and choose from the menu items. The new variable will be placed at the current cursor position.

 

When a message is received, the variable will be replaced with a value from the message. For example %PriLevAA will be replaced with the message Priority level.

The AutoSplit values can be used anywhere within the path or log file name, as long as the result would make a valid file name.

http://www.kiwisyslog.com/help/syslog/index.html

 

Below we will use Host IP to split our log file. We will then have a different log file for each IP address.

 

 

Below we can see our 2 files from IP address x.x.x.176 & x.x.x.196.

 

 

 

Last modified
08:32, 15 Jun 2017

Tags

Classifications

Public