How to integrate the sysloggtw and logmon probes in UIM to alarm on selected syslog events/messages, since sysloggtw does not have a filter capability.
Component: UIMSYL
- guidance
The sysloggtw probe acts as a gateway from the Syslog "world" into UIM. Most network devices, such as routers, switches, bridges and so on, report events using SNMP as well as using the well-known syslog format.
Your network admin can configure one or more devices to send syslog data to the NMS hub.
The sysloggtw probe listens on port 514/udp when running in receive mode.
All incoming syslog messages will be acted upon using the defined receive mode:
- Generate Nimsoft Alarm
- Generate SYSLOG-IN (for post-processing) messages
- Log to file
The sysloggtw probe can also receive Nimsoft alarm messages from the NAS auto-operator, convert them to syslog messages and pass them on to remote syslog daemons.
You may combine sysloggtw with logmon to post-process incoming syslog messages.
Note that some devices, e.g. Cisco routers, may add an index to each message. In such cases, use logmon to reformat the text and severity levels instead of having sysloggtw determine the alarm level according to the syslog priority.
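The post-processing step described above, sketched in Python as an added example (it is not from the original article and is not logmon configuration syntax). The sample lines, the `select` function and its threshold and watched tag are constructed assumptions; the message layout assumed is the usual Cisco IOS form `index: timestamp: %FACILITY-SEVERITY-MNEMONIC: text`.

```python
import re

# Constructed sample lines, as a receiver might hand them to post-processing.
SAMPLE_LINES = [
    "<189>45: *Mar  1 00:01:12.003: %SYS-5-CONFIG_I: Configured from console by admin on vty0",
    "<187>46: *Mar  1 00:02:40.511: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down",
    "<190>47: *Mar  1 00:02:41.020: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.10(4431) -> 198.51.100.5(22), 1 packet",
    "<38>sshd[812]: Failed password for invalid user test from 192.0.2.77 port 50122 ssh2",
]

PRI_RE = re.compile(r"^<(\d{1,3})>")
# Optional per-message index ("45: "), then the %FACILITY-SEVERITY-MNEMONIC tag.
CISCO_RE = re.compile(r"^(?:(\d+): )?.*?%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+): (.*)$")


def parse(line):
    """Split one raw syslog line into facility, severity, index, tag and text."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:   # PRI = facility * 8 + severity, max 191
        return None
    pri = int(m.group(1))
    rec = {"facility": pri >> 3, "severity": pri & 7,
           "index": None, "tag": None, "text": line[m.end():]}
    c = CISCO_RE.match(rec["text"])
    if c:
        # Take the severity from the message tag and drop the index and
        # timestamp, so repeats of one event yield identical text.
        rec.update(index=int(c.group(1)) if c.group(1) else None,
                   severity=int(c.group(3)),
                   tag=c.group(2) + "-" + c.group(4),
                   text=c.group(5))
    return rec


def select(lines, max_severity=3, watch_tags=("SEC-IPACCESSLOGP",)):
    """Keep only events worth an alarm: severe ones, plus explicitly watched tags."""
    recs = [r for r in map(parse, lines) if r is not None]
    return [r for r in recs
            if r["severity"] <= max_severity or r["tag"] in watch_tags]


if __name__ == "__main__":
    for r in select(SAMPLE_LINES):
        print(r["severity"], r["tag"], r["text"])
```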
See attached Word doc for detailed instructions: "sysloggtw configuration"