Centralize and simplify log message management across network devices and servers.
Kiwi Syslog Server is initially configured to listen to syslog messages via UDP 514. There are additional options to listen over TCP and Secure TCP, with the option to listen for SNMP traps. You can enable these options by going to the Input section and clicking the respective protocols that you want Kiwi to listen for. You need to make sure that the protocol and port selected in Kiwi match that of your devices.
If your protocol and port match but you're still not seeing messages, you should verify the firewall is allowing traffic to pass through on the port and protocols selected. If the firewall settings are correct, ensure that no other services are utilizing the port.
To find which service is utilizing the port, go to command prompt and type "netstat -ano." This command will give you a list of active ports and the ID of the process that is bound to them. Check for UDP port that ends in 514 and look up the corresponding process ID. In this example, it reads: 4948.
Now, open the Windows Task Manager and go to the Processes tab and look for the process ID 4948. If there is no column shown for Process ID, go to View, Select Columns, and check the option 'PID' (Process Identifier). In this case, we find that the process associated with PID 4948 is Syslogd Service.exe. If you find another process listed for this PID, right-click on the process and then select 'End' so that the port is now available to Kiwi.
Return to the Kiwi Syslog Server console, click on the 'Manage' menu, and 'Stop the Syslogd service', and start it again. Now, you should begin seeing messages.
For more information on Kiwi Syslog Server, contact KiwiSales@SolarWinds.com.