Features: (in no particular order)   

  1. Overview
  2. benefits
  3. syslogD
  4. secure info via https


Overview 

eBuzzsaw provides a centralized logging solution for the heterogeneous computer environment and networked systems.
eBuzzsaw collects NT event logs remotely (i.e. no client is required on the NT machine) and is a syslog server able to receive logs from Unix hosts (BSD, Linux, AIX, Solaris, etc.), and possibly Macs running OS X in the future. It will also receive logs from any router capable of sending log info.

The ability to centrally collect, manage, analyze and report on log messages is one of the most important sources of information. We believe regular (multiple times per day) is key to managing a network with as few as 5 computers and becomes a necessity as one has more than 30 machines.

 

Logs the following into a SQL database:
NT event logs (pulled remotely; requires no client on the target machine).
syslogd messages (all Unix variants).
Router logs (most routers will 'syslog' their logs).

With centralized logging, one can see what is happening at any given time slice across the whole network and one can still drill down to see what is happening on just one machine.

The logs are stored in a very fast SQL database and can be viewed from many different perspectives.


benefits

A relatively small cost gives the IT department the monitoring and preemptive ability to keep a company's core computers and network up and running. The loss of a portion, or much worse, a majority of the IT department's operations will have a corresponding downturn effect on the company's bottom line.

eBuzzSaw helps keep the IT department running smoothly.



 

syslogD

Utilizing our buffered syslogd running under NT, which we call syslogD, we are able to receive bursts of over 250 logs/sec and a sustained feed of 100 logs/sec, storing them in a SQL database. This provides a measure of stability not seen in many logging systems, in addition to superior performance.

It can listen on the standard port 514, or on any other UDP port of choice.

It can invoke multiple syslogD instances to listen on different ports. This is useful for a non-syslog data stream, such as one from a NID, honeypot, process log, etc.

Speed: greater than 100 messages per second sustained. This is useful for multi-host simultaneous bursts.

Buffered: a non-blocking buffer design allows syslog messages to be received faster than a SQL database is able to store them. This better assures no dropped messages, which can happen on all other syslog servers.
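The buffered design described above, as an added example rather than eBuzzsaw's own code: a receive loop that only drains the UDP socket into a bounded in-memory buffer, and a separate step that parses the syslog priority and writes batches to SQL. The function names, the table layout and the use of SQLite as the SQL store are assumptions made for illustration.

```python
import queue, re, socket, sqlite3, threading
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def parse_pri(datagram):
    """Return (facility, severity, text); facility/severity are None without a valid <PRI>."""
    m = PRI_RE.match(datagram)
    fac, sev, body = None, None, datagram
    if m and int(m.group(1)) <= 191:             # PRI = facility * 8 + severity
        fac, sev, body = int(m.group(1)) >> 3, int(m.group(1)) & 7, datagram[m.end():]
    return fac, sev, body.decode("utf-8", "replace").rstrip("\r\n")

def receive(sock, buf, stats):
    """Drain the UDP socket into the buffer; this loop never waits on the database."""
    while True:
        try:
            data, addr = sock.recvfrom(8192)
        except OSError:                          # idle timeout or closed socket: stop
            break
        try:
            buf.put_nowait((addr[0], data))
        except queue.Full:
            stats["dropped"] += 1                # overflow is counted, never silent
    buf.put(None)                                # sentinel: tell the writer to finish

def store(buf, db, batch=100):
    """Move buffered messages into SQL in batches; returns the number of rows written."""
    db.execute("CREATE TABLE IF NOT EXISTS logs(host TEXT, facility INT, severity INT, msg TEXT)")
    written, done = 0, False
    while not done:
        items = [buf.get()]                      # block until something is buffered
        while len(items) < batch and not buf.empty():
            items.append(buf.get_nowait())
        done = None in items
        rows = [(h, *parse_pri(d)) for h, d in (i for i in items if i is not None)]
        db.executemany("INSERT INTO logs VALUES (?,?,?,?)", rows)
        db.commit()                              # one commit per batch, not per message
        written += len(rows)
    return written

if __name__ == "__main__":
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))                  # loopback test port; syslog's standard is UDP 514
    sock.settimeout(0.5)                         # demo only: stop after half a second of silence
    buf, stats = queue.Queue(maxsize=10000), {"dropped": 0}
    threading.Thread(target=receive, args=(sock, buf, stats)).start()
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for i in range(200):                         # constructed burst of sample messages
        tx.sendto(b"<34>host1 su: constructed message %d" % i, sock.getsockname())
    print(store(buf, sqlite3.connect(":memory:")), "stored,", stats["dropped"], "dropped")
```

The dropped counter matters operationally: a bounded buffer that overflows during a burst leaves a gap in the log record, so the count should be monitored and alerted on.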



secure info via https

Running reports is accomplished via a standard web browser, version 3 and up, that can store security tokens. We have tested Internet Explorer, Netscape and Opera and have seen no issues.

Utilizing https / SSL for the user interface provides ease of use by not requiring a dedicated 'client', and it can be used from inside or outside the intranet, from any computer that can run a browser, including Macs.

Even if someone is 'sniffing' your network, using https / SSL will provide some stiff obstacles against unauthorized eyes seeing your sensitive log information.
