Applied Infrastructure

Browse by Tags

• event analysis
• Event and Alert management
• event correlation
• event masking
• event suppression
• events
• Featured
• NetMRI
• network management
• snmp traps
• summary
• syslog summary script
• syslog-ng
• UDP packet loss

• Designing a Logging Solution

  I just found out about a great tutorial on designing logging solutions by Marcus Ranum. Marcus has been doing network security work for a long time and is well known in the network security industry. I have previously referenced some of his work in my... Posted Nov 16 2011, 04:33 PM by tslattery with | with no comments Filed under: syslog, syslog summary script

• Defining Event Correlation and Event Suppression

  The first component of a good network management system is an event handling system. A basic event handling system can be easily implemented with open source tools like syslog-ng . Just watching the new events arrive can be very enlightening. Many network... Posted Oct 07 2010, 12:27 AM by tslattery with | with no comments Filed under: events, event analysis, Event and Alert management, Featured, syslog, event masking, event correlation, syslog summary script, event suppression

• Syslog, SNMP Traps, and UDP Packet Loss

  I was recently checking out a product that does syslog correlation and noticed that it had not reported a couple of events that I could see in syslog-ng's log. I use syslog-ng because it is free, easy to install and configure, performs filtering,... Posted Jul 19 2010, 01:56 PM by tslattery with | with no comments Filed under: Featured, syslog, UDP packet loss, syslog-ng

• Handling Network Events (syslog and snmp traps)

  I've been doing some more reading about network event handling and found some interesting articles and a few facts that I'd like to share. I have my own ideas about handling network events, but am open to learning what other people do and why... Posted Jun 06 2010, 04:53 PM by tslattery with | with no comments Filed under: network management, event analysis, Featured, syslog, snmp traps

• Syslog Summary Script

  I just finished posting a neat syslog summary script that was passed to me by Phil Koontz. He uses it every day to keep track of syslog events. You can download it from the Netcraftsmen website: http://www.netcraftsmen.net/Resources/Technical Articles... Posted Oct 28 2009, 07:36 AM by tslattery with | with 1 comment(s) Filed under: event analysis, Event and Alert management, Featured, syslog, summary

• Handling Event Data, Part 2

  I'm continuing the list of NMS event handling requirements. Unstable interfaces In the last post, Handling Event Data, Part 1, I talked about correlating interface up/down events. I would also like to know if an interface is unstable. This is where... Posted Oct 22 2009, 08:51 AM by tslattery with | with no comments Filed under: event analysis, Event and Alert management, Featured, syslog, summary

• Handling Event Data, Part 1

  I've been examining the handling of event data and wanted to share what I see as common requirements. For the next few posts, I'll describe the requirements and why they are important. Syslog Summary My first requirement was addressed in the prior... Posted Oct 22 2009, 07:52 AM by tslattery with | with no comments Filed under: event analysis, Event and Alert management, Featured, syslog, summary

• Event Reporting

  I'm working on network management requirements for several customers and keep running into the same requirements. One of the key requirements is that of event reporting. Events typically take two forms: syslog and SNMP traps. In both cases, they are... Posted Feb 23 2009, 11:05 AM by tslattery with | with no comments Filed under: NetMRI, event analysis, Featured, syslog, snmp traps