Solved

What do you use for centralized event log monitoring

Posted on 2010-11-18
Last Modified: 2012-05-10
Currently we have about 30 servers, and every Monday we remote in to each one and check the event log for application and system warnings and alerts.

In efforts to be proactive in catching things like:
1. Disk space
2. System battery recharges indicating the battery may need to be replaced as it occurs more and more.
3. Application errors
4. And more…

However, accessing 30 servers is a time-consuming process, so here is what we are looking to accomplish:
1. Consolidate event monitoring into one area per location
2. Have an at-a-glance look at what is going on
3. Notifications on critical events

I've searched online for some options but am wondering what the user community is using that they highly recommend.
Question by:bergquistcompany

Accepted Solution

by:
rotech_IT earned 500 total points
ID: 34165759
If you're running an all-Dell shop, I'd recommend OpenManage. Install OpenManage System Administrator on each of the servers. Then install OpenManage IT Assistant on a single server to manage each of the OMSAs. IT Assistant acts as your administration console, if you will. You can find OpenManage on the www.dell.com/support download site. It will monitor the health of the system, and you can specify email alerts or view health from a central console.

I use Nagios to monitor system health as well. We've integrated OpenManage into it along with various other system checks. We have over 700 checks. Nagios is also able to fire an email for certain alerts that you specify. You'll want to build a dedicated Linux box to run Nagios. We run it on openSUSE 11.3. Nagios is open source and free: http://www.nagios.org/. An alternative to Nagios would be something like http://www.activexperts.com/; we used this for a few years before switching to Nagios. ActiveXperts is not free.

As far as event log monitoring goes, there are several applications out there. This is a large requirement for PCI compliance, so most of these applications are not free. Here's one that I like: http://www.kiwisyslog.com/kiwi-syslog-server-overview/

Hope that helps!

Expert Comment

by:Mohamed Khairy
ID: 34166430
I recommend using System Center Operations Manager.

http://www.microsoft.com/systemcenter/en/us/operations-manager.aspx

Expert Comment

by:JRoyse
ID: 34215339