Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
The botnet world is booming
What’s driving this university to IPv6? Going green
Google takes direct aim at Microsoft
Microsoft promises to stymie hackers next week with new patches
Chrome OS spotlights rapidly changing mobile Web environment
IT pros continue to lose jobs
How ending exclusivity agreements would change the telecom industry
How to use electrical outlets and cheap lasers to steal data
EMC distances rival NetApp
Crime lab saves energy costs by turning up heat in the data center
IBM security software masks confidential info
Google Native Client provides hints on Chrome OS gambit
Ericsson signs deal to run Sprint wireless, wireline networks
Verizon helping companies assess application vulnerabilities
Internet's biggest issue? IPv6 transition, new ARIN CEO says
Net/Systems Management /

Closing our traps (and messages)

Related linksToday's breaking news
Send to a friendFeedback

Gearhead archive By Mark Gibbs
Network World, 07/22/02

Last week we promised to discuss how we could handle both types of system message logging, that is, syslog messages and SNMP traps. We looked at a number of tools, but in the end we found that Kiwi Syslog Daemon from Kiwi Enterprises - which we reviewed in a previous Gearhead column - is the best we could find.

Kiwi Syslog Daemon is the only product we have found that lets us field SNMP traps and resend them as syslog messages or vice versa (that is, syslog messages resent as SNMP traps).

Advertisement:

You also can forward either type of message to another node, thus letting syslog messages be integrated into an SNMP network management system. And even better, with a little creativity you can create syslog messages and SNMP traps that contain whatever content you please.

Another tool from Kiwi Enterprises that might be useful in a message logging environment is Kiwi Logger (for more information, go to DocFinder: 1331).

Kiwi Logger is a Windows console-mode utility that sends text messages via the command line to any syslog daemon (such as the Kiwi Syslog Daemon). You can use UDP or TCP, set the priority value as either a numeric value or symbolic name (makes understanding batch files much easier) and the utility will return an error value in the case of failure.

Yet another tool you might want to check out when playing with SNMP traps is TrapWatcher from Paul Regenhardt, which is free. This is a Java 1.2 application that listens (on the standard port 162) for SNMP traps. All received traps are decoded into ASN objects that are reported to a console window and a log file.

TrapWatcher is very useful and comes with two other tools: TrapRecorder and TrapPlayer, Java 1.2, applications that, respectively, records SNMP traps into a data file and plays them (fabulous for debugging).

If you are planning to really use syslog messaging heavily (quite possible if you have lots of routers to manage) you might want to check out Envision from Network Intelligence (DocFinder: 1332).

Envision, which runs under Windows 2000 with Win32 Java 2 Runtime Environment Version jre-1_3_1 or later on a dedicated machine (to ensure adequate performance in environments that have a high volume of events), is designed for message rates of up to 5,000 events per second . . . which translates to one busy, complicated network environment.

The product provides real-time alert notification via sound, alert windows, e-mail, SNMP or pager messages; can be interrogated via a Web interface; supports multiple managers (pretty much a requirement when dealing with large networks) and ad-hoc queries; offers "more than 180 reports and graphs for in-depth network analysis, user analysis, security analysis and system analysis"; and customized and schedulable reports.

The range of devices monitored by Envision is limited to a list of common products (DocFinder: 1333), a shortcoming, because there is no support for custom devices. Pricing starts at $1,500 for handling up to 100 events per second while 5,000 eps will set you back $46,500.

A really cool version of the product is packaged as an appliance that the company calls the Network Intelligence Engine and says can be deployed in 10 minutes. Pricing starts at $19,250 for 1,000 eps and tops out at $59,500 for 5,000 eps.

So, in this series of stories we've mentioned SNMPv1, SNMPv2 and, very briefly, SNMPv3. In March of this year, the Internet Engineering Steering Group approved SNMPv3 as a full Internet standard and the first implementations are appearing. New Cisco routers are being shipped with SNMPv3 support.

So, what is SNMPv3 all about? In an article on the protocol by William Stallings in the Cisco "Internet Protocol Journal" for December 1998, Stallings says: "As one of the SNMPv3 working documents puts it, 'SNMPv3 is SNMPv2 plus administration and security.'"

We recommend Stallings' article, the SNMPv3 resources page at The Institute of Operating Systems and Computer Networks and Network World's Network Management Primer as starting points.

Next week, no more messaging. In the meantime, send yours to gearhead@gibbs.com.

Comments and suggestions to gh@gibbs.com.

Gibbs Forum
The place to discuss Gibbs's columns.

Check out this week's edition of

Backspin for more musings from Gibbs.

RELATED LINKS


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.