Enterprise Windows Syslog Server, Log Management, Consolidation, Monitoring and Compliance Software Tool

What is Windows Syslog Server?

Corner Bowl Windows Syslog Server is an extensive enterprise-class SIEM software monitoring and management tool for IT professionals that includes a powerful Windows Syslog Server that can process and save over 100,000 syslog messages per second, saves syslog messages to a centralized database, triggers real-time alerts, executes remediation actions, relays syslog messages to other syslog servers and more. Windows Syslog Server will help you fulfill compliance requirements for CJIS, CMMC, JSIG, NIST, GDPR, HIPAA, PCI/DSS and SOX.

High Throughput Syslog Servers

  • Supports UDP, TCP and FIPS compliant TLS 1.2.
  • Parses, filters and saves over 100,000 syslog messages per second.
  • Bind to any port and Network Interface Card.
  • Includes a built-in DNS cache enabling Linux syslog messages to be centrally saved using their fully qualified hostnames.
  • Parses RFC 5424 and RFC 3164 compliant messages.
  • Optionally define syslog message delimiters such as CRLF, CR, LF or Null.
  • Automatically cleans up idle TCP syslog client connections.
Online Documentation

Syslog Consolidation and Backups

  • Consolidate your syslogs by centrally saving and backing up your syslog messages to either Microsoft SQL Server, MySQL, SQLite, text files or CSV files.
  • Use regular expressions to parse attribute value pairs to their native data types then save to your RDBMS for internal and external analysis (e.g. integer, decimal and date/time).
  • Use our Log Entry Retention Policy and Directory Cleaner Templates to automatically delete old event log entries and file backups no longer required for compliance.
Online Documentation

Syslog Monitor

  • Real-time monitor any syslog device.
  • Use regular expressions to parse attribute value pairs to their native data types for use in filters (e.g. integer, decimal and date/time).
  • Parse Linux Audit log messages and extract attribute value pairs.
  • Create Complex Filter Criteria with support for any data type.
  • Apply frequency rules (e.g. Get notified when an error occurs 3 times within 5 minutes).
  • Includes maintenance schedule rules.
Online Documentation

Log Entry Retention Policy

  • Configure how long to retain syslog messages in the log databases (e.g. Archive syslog messages older than 30 days and remove entries older than 90 days).
  • Schedule and manually remove syslog messages no longer required for analysis and compliance.
Online Documentation

Syslog Analyzer

  • Watch Syslogs in real-time.
  • Page through large log files, search, highlight, view frequencies, mark entries and export result sets.
  • Group and sort log entries using complex regular expression driven attribute value search criteria.
  • Create complex filters from messages.

Online Documentation

Schedule Analysis and Compliance Reports

  • Schedule daily analysis reports that scan, filter, export and email specific consolidated syslog messages.
  • Run interactive compliance reports on-demand.
Online Documentation

How does Windows Syslog Server do it?

  • Windows Syslog Server starts TCP and UDP Syslog Servers to receive messages, monitor, save and centralize syslogs from devices such as switches, routers and firewalls.
  • Simply configure your hardware devices and Linux servers to forward their syslog messages to the IP address Windows Syslog Server is installed.
  • Syslog messages are automatically saved to the centralized log database.
Windows
Linux
SQLite
  • The world's most popular
  • Embedded RDBMS
  • No configuration required
Microsoft SQL Server
  • The fastest RDBMS solution
  • Optimized batch inserts
MySQL
  • The world's most popular
  • Open source RDBMS

Last Updated: April 14th, 2023