Cisco via Kiwi Logging setup

Created: 2003-09-12

Note: These procedures have been modified to work with version 7.x of Kiwi's Syslogd server. If you are running an older version of Kiwi, please upgrade to 7.x or later before proceeding.

The basic steps are as follows:

  • Download and Install Syslogd/SNMP trap receiver software from Kiwi
  • Configure logging on your Router to send events to the IP address running Kiwi

Step 1: Kiwi Installation/Configuration

  • Download Kiwi Syslogd v7.x or later
  • Install Kiwi on the same PC you intend to run mNW


  • Note: Make sure you check "Place Shortcut in start-up folder". Kiwi must be running all the time in order to capture your Linksys event logs.

  • Download the mNW Kiwi Init file (right-click the link, choose "Save Target As", and save it to C:/Program Files/Syslogd)

    Note: If you installed Kiwi in a non-default folder or drive, save the INI file to the appropriate directory. You'll also need to edit the INI file and change the drive and folder references as appropriate.

  • Launch Kiwi (Start/Program Files/Kiwi)


  • Select File/Properties, then "Modifiers"



  • Enable "Remove embedded date & time from Cisco messages" and click OK.
  • Select Actions/Log to File:



  • Set Logfile format to ISO/UTC, then click OK

Step 2: myNetWatchman Configuration

  • Click on the myNetWatchman Configuration screen
  • Click on the "Log File" button and navigate to your Kiwi log file (e.g. C:/Program Files/syslogd/syslogcatchall.txt), then click OK
  • Select "Cisco via Kiwi" in the "Log File Format" drop down menu.

Step 3: Send Test message

  • Open your Kiwi status window and type CTRL/T to generate a test message.

  • Switch to the mNW Upload Status screen. Within 7 seconds you should see upload attempt messages

    Note: The server should respond with: REPORT_FILTERED. This is the expected result as the Kiwi test generates an empty message that the server can't parse.

  • Scroll the mNW Upload Status screen to the right to see more details:

Important:

Check the timestamp shown in the "Log line" column and make sure that the correct UTC (Universal) time is reported. For example, the above tests were performed on 2002-04-21 16:05:58 (EDT). Eastern Daylight Time (EDT) is 4 hours behind UTC (-0400 UTC). To calculate the current UTC time, we take the local time and add 4 hours to get 20:05:58 (UTC). So in this case, Kiwi is converting our local times to UTC correctly. Click here for a guide to convert your local time zone to UTC time.
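The UTC check described above can also be scripted. The following is an added example, not part of the original page or of the mNW or Kiwi software. It assumes each line of the Kiwi log file begins with `YYYY-MM-DD HH:MM:SS` followed by a tab; the function names, the 2-minute tolerance, and the sample lines are constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumption: a Kiwi ISO-format line begins "YYYY-MM-DD HH:MM:SS<TAB>...".
TOLERANCE = timedelta(minutes=2)  # allowed clock drift (illustrative value)

def parse_timestamp(line):
    """Return the leading timestamp as a naive datetime, or None if absent."""
    stamp = line.split("\t", 1)[0].strip()
    try:
        return datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None

def classify(line, received_utc, local_offset):
    """Compare a logged timestamp with the true UTC time of receipt.

    received_utc: naive datetime holding the UTC time the line was written.
    local_offset: the PC's offset from UTC, e.g. timedelta(hours=-4) for EDT.
    """
    logged = parse_timestamp(line)
    if logged is None:
        return "unparseable"
    skew = logged - received_utc
    if abs(skew) <= TOLERANCE:
        return "utc"            # what the check in this section expects
    if local_offset and abs(skew - local_offset) <= TOLERANCE:
        return "local-time"     # recheck the Logfile format setting (Step 1)
    return "clock-skew"         # PC clock or time zone setting looks wrong

# Constructed sample lines, using the page's example: 16:05:58 EDT = 20:05:58 UTC.
RECEIVED_UTC = datetime(2002, 4, 21, 20, 5, 58)
EDT = timedelta(hours=-4)
SAMPLES = [
    "2002-04-21 20:05:58\tLocal7.Debug\t192.0.2.1\ttest message",
    "2002-04-21 16:05:58\tLocal7.Debug\t192.0.2.1\ttest message",
    "2002-04-21 21:30:00\tLocal7.Debug\t192.0.2.1\ttest message",
    "Apr 21 16:05:58 192.0.2.1 test message",
]

def classify_samples():
    """Classify every constructed sample against the reference UTC time."""
    return [classify(s, RECEIVED_UTC, EDT) for s in SAMPLES]

if __name__ == "__main__":
    for sample, verdict in zip(SAMPLES, classify_samples()):
        print(f"{verdict:12} {sample!r}")
```

On a PC whose time zone is UTC itself, the "utc" and "local-time" cases cannot be told apart, so the function reports "utc".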

Step 4: Configure Cisco to log events to Kiwi

See your Cisco documentation.