Syslog Summary Report (Generic)

Wednesday, February 24th, 2010

This is an overview system activity report for syslog data.

Author: Andre Lorbach (Adiscon)
Report Category: syslog
Report ID: syslogsummary
License: GPLv3
Known Compatible With: integral part of Adiscon LogAnalyzer (v3.0+)
Download: part of the Adiscon LogAnalyzer install set
Support: all Adiscon LogAnalyzer Support options
Demo Report: [HTML] [PDF]


phpLogCon 2.8.1 (v2-stable) released

Wednesday, February 24th, 2010

Hi all,

We have just released phpLogCon 2.8.1. The new release has the following changes:

– Added Updatecheck, which will be performed during login only, so once per session. If a newer version is available, you will be notified in Admin Center.
– Secured Views, Sources, Searches and Charts Admin access from users without admin access.
– Settings will now be remembered when configuring columns in Views Admin Panel.
– Normal users cannot init or remove message parsers anymore.
– Added Time-extension on search page (sent by Sergey Sireskin).

Download:

http://loganalyzer.adiscon.com/downloads/phplogcon-2-8-1-v2-stable

As always, feedback is appreciated.

Best regards,
Tom Bergfeld


phpLogCon 2.8.1 (v2-stable)

Wednesday, February 24th, 2010

Download file name: phpLogCon 2.8.1 (v2-stable)

– Added inline search icon, which will be visible in each online searchable field. Can be disabled in Admin Center.
– Added Updatecheck, which will be performed during login only, so once per session. If a newer version is available, you will be notified in Admin Center.
– Secured admin access to Views, Sources, Searches and Charts against users without admin access.
– Settings will now be remembered when configuring columns in Views Admin Panel.
– Normal users cannot init or remove message parsers anymore.
– Added Time-extension on search page (sent by Sergey Sireskin).

Version: File size: 905.47 Kb


What are Message Parsers?

Tuesday, February 23rd, 2010

Adiscon LogAnalyzer has a module structure and can be extended by so-called plugins. One type of plugin is the message parser. Message parsers are used to obtain structured information from a log message.

A prominent example is Windows event log messages. There is no standard format for how these look when converted to syslog. Consequently, Adiscon LogAnalyzer cannot display them nicely per se. However, with the help of the Windows Event log message parser, a core component, the contents of the syslog message can be split into the relevant fields, like event id, priority, description, parameters and so on. This makes it possible to process Windows events in syslog messages in the same way as if they had originally been stored inside the database. Adiscon LogAnalyzer includes a Windows event parser suitable for use with Adiscon EventReporter and MonitorWare Agent.



Datagram Syslog Agent Message Parser

Tuesday, February 23rd, 2010

Provides support for the datagram syslog agent message format.



Snare Message Parser

Tuesday, February 23rd, 2010

Provides support for the Snare agent message format.



phpLogCon becomes Adiscon LogAnalyzer

Tuesday, February 23rd, 2010

As in all things, there is a certain fashion in open source project names as well. For a long time, "php*" was a great name for php-based open source solutions. However, nowadays these somewhat bulky names have been replaced by "more streamlined" names.

I personally think that dropping the "php" part makes it somewhat easier to speak and write about these projects. So we decided it was right to drop "php" from "phpLogCon". But was "LogCon" the ultimate name for a tool to search, analyze and (starting with v3) report on network event logs? A quick discussion within our group, as well as with some external buddies, showed that "LogCon" is probably pretty meaningless. Even if one deciphers "Con" as "Console" – what does it mean to be a "Console" in this context? Not an easy question to answer. Bottom line: "LogCon" is pretty meaningless.

So we thought we would do "the right thing" and rename the project before it becomes even more widely spread. The later you do a name change, the more painful it is. That made us think about good names. We ended up with "LogAnalyzer", because analysis is the dominant use case for this tool (especially if you think of reports as being part of the analysis ;)). Another quick search made us aware that there are (of course) lots of "LogAnalyzers". And, of course as well, all second level domains were taken.

Lacking an expensive legal adviser, we made the decision to boldly name the project "Adiscon LogAnalyzer", aka "the log analyzer (primarily) written by Adiscon". With that approach we use our company name (which obviously legally belongs to us) together with the generic term "LogAnalyzer". That is done in the hope that it will resolve any legal friction that otherwise may occur. For the very same reason you will see us consistently referring to "Adiscon LogAnalyzer".



Eventlog Summary Report (generic)

Friday, February 19th, 2010

This is an overview system activity report specifically written for Windows Event Log Data (proper message parser required).

Author: Andre Lorbach (Adiscon)
Report Category: eventlog
Report ID: eventsummary
License: GPLv3
Known Compatible With: integral part of Adiscon LogAnalyzer (v3.0+)
Download: part of the Adiscon LogAnalyzer install set
Support: all Adiscon LogAnalyzer Support options
Demo Report: [HTML] [PDF]


Event Log (Windows) Message Parser

Friday, February 19th, 2010

This message parser permits LogAnalyzer to understand native Windows Event Log fields (like eventid, category, etc.) as reported by Adiscon EventReporter and MonitorWare Agent.
