There is a great network tool I’ve been using for years, from Kiwi (part of SolarWinds), called SyslogGen. I simply love this tool…it’s flexible and powerful, yet easy to use and learn. Basically it’s a tool used to send test syslog messages to a log server so you can verify proper operation of logging and alerting. I used it today at work…
I’m in the middle of troubleshooting an issue at one of my remote sites. I have a fiber Internet circuit feeding the site, and I’m seeing very intermittent short outages (about 2 each day), lasting approximately 90 seconds. During the outage, both the Internet and my VTI (Virtual Tunnel Interface) drops. I’m working with the carrier, but it’s slow going, as I have to prove to them there is actually a problem.
Since the outage is short, my network monitoring system is not seeing (or alerting) on the outage, and I need to know right away when this event occurs. The good news is my centralized syslog server is seeing the events from my core router via EIGRP “Neighbor is down” messages. The tunnel interface in question is “Tunnel81”, so I configured SWATCH on my server to alert on any Tunnel81 syslog messages…
This is all fine, but how do you know it will work? What if I made a mistake in the Swatch config, and I miss the next outage? Enter SyslogGen…
As you can see, I’ve configured SyslogGen to send a syslog message to my log server (10.12.1.242), at facility Local4, and with the test message Tunnel81. I clicked Send, and within a few seconds, I got both an email notification and text message alert…
VERY cool stuff here! And even better, this program is FREE from Kiwi. Check out Kiwi’s free stuff. Kiwi also has an awesome network management application called CatTools. I’ve used it for many years to manage all of my network device backups. You can configure it to fetch router, switch and firewall configurations and archive them; alert you to any config changes (this is CRITICAL to know and keep track of); and it can push configuration changes to your network devices which can save lots of time (do you really want to log into 100 separate devices to change the NTP server address?). Price is very reasonable at $750.
So check out Kiwi and grab a copy of SyslogGen. Let me know what you think!
Good post.