14-11
User Guide for Resource Manager Essentials 4.1
OL-11714-01
Chapter 14 Enabling and Tracking Syslogs Using Syslog Analyzer and Collector
Using Syslog Service on Windows
See:
• Setting the Backup Policy
• Setting the Purge Policy
• Performing a Forced Purge
• Defining Custom Report Templates
• Defining Custom Report Templates
• Defining Automated Actions
• Defining Message Filters
Step 4 Generate various reports such as Custom Summary report, Severity Level Summary report, Standard
Report, Unexpected Device report and Workflow report. See:
• Overview: Syslog Analyzer Reports
• Generating a Syslog Custom Summary Report
• Generating a Severity Level Summary Report
• Generating a Standard Report
• Generating an Unexpected Device Report
Using Syslog Service on Windows
System message logging is not part of the Windows operating system. Therefore, the CiscoWorks Server
provides logging service to Windows users.
The logging service saves each system message to NMSROOT\log\syslog.log (where NMSROOT is the
RME installation directory).
Syslog Analyzer reads and processes the messages in this file, and writes them to the RME database.
The Syslog processes use the database information to generate Syslog reports.
When the syslog.log file gets too big, you can stop the Syslog Analyzer (Start > Settings > Control
Panel > Services) and delete the log file.
Note View the Permission Report (Common Services > Server > Reports) to check if you have the required
privileges to perform this task.
Step 1 Select Common Services > Server > Admin > Processes.
The Process Management dialog box appears.
Step 2 Select SyslogCollector and click Stop.
Step 3 Open the Windows Control Panel and select Administrative tools > Services.
Step 4 Select CWCS syslog service, and click Stop.
Step 5 Delete the NMSROOT\log\syslog.log file.
• To restart the syslog service in the Control Panel, click Start next to the CWCS syslog service.