Concepts  
 

MonitorWare concepts - WinSyslog

Article created 2004-05-27 by Tamsila-Q-Siddique.

Services

Services inside the MonitorWare Agent gather the data that is processed by rules. Each service type reflects a specific set of code inside the MonitorWare Agent. For example, a Syslog Service represents an instance of a Syslog Server and an NT Event Log Monitor Service represents an instance of an NT Log Monitor (periodically pulling out log information).

Typically, there can be multiple instances of the same service running, as long as their configuration parameters do not conflict. For example the syslog service: there can be multiple syslog servers on a given system as long as they listen to different ports. Consequently, there can be multiple instances of the syslog service be created. For example, there could be three of them: two listen to the default port of 514, but one with TCP and one with UDP and a third one listens to UDP, port 10514. All three coexist and run at the same time.

The following services are supported:

Syslog server

Implements a Syslog Server. It can be set to listen to any valid port. UDP and TCP communication is supported.

SETP server

Implements an SETP Server. It is used for reliable receiving event notifications.

Heartbeat

This service generates a special information type. Its primary purpose is to notify an upstream system that the MonitorWare agent set for heart beating is still alive. So the upstream system can be configured to raise alarms (or corrective action) if it does not receive heartbeats from the downstream system.

SNMP Trap Receiver

SNMP Trap Receiver allows you to receive SNMP messages. A rough description of a Trap is that it is somewhat like a Syslog message, just over another protocol (SNMP). A trap is generated when the device feels it should do so and it contains the information that the device feels should be transmitted. It also contains some (few) standard items, as the version, community etc.

Associated rule sets

Each instance of a service has an associated rule set. This allows easy creation of customized rule sets on a per service basis. Of course, all services can also operate on a common rule set.

All services are executed as multiple threads inside the MonitorWare Agent. From the operating point of view, there is only one system service called the "MonitorWare Agent". If the service configuration of the MonitorWare Agent is modified, the MonitorWare system service needs to be restarted in order to activate the new configuration. Later releases will have some options to automate this task.

MonitorWare
 Home
 The Products
MonitorWare Products
Product Comparison
Which one to Purchase?
Order and Pricing
Upgrade Insurance Info
News Releases
Version History
MonitorWare Tools
 Event Repository
 Download
 Reference library
General Information
Step-by-step guides
 - All
 - Installation and Configuration
 - Services related
 - Actions related
 - Central Monitoring
Common Uses
Syslog configuration
Syslog Log Samples
Security Reference
 Help
Support
Manual
FAQ
 - All
 - General questions
 - Configurations related
 - Monitorware Agent
 - Monitorware Console
Articles
Seminars Online
 - All
 - General
 - MonitorWare Console
 - MonitorWare Agent
 - WinSyslog related
 - EventReporter
 Order & pricing
Order now
Product Comparison
Pricing Information
Upgrade Insurance Info
Local Reseller
 Contact Us
 Search
 
 



Printer Version Send this page to a friend

Copyright © 1988-2005 Adiscon GmbH All rights reserved.
Contact us via Secure Web Response | Privacy Policy
Topic Links: syslog | Free Weblinks Directory