Nov 17, 2019. Aug 26, 2013.
Every minute, your routers, switches, printers, firewalls, and more are sending syslog messages regarding their activity and overall functioning. To collect—and make sense—of these messages requires the use of a syslog server. With so many syslog servers on the market, finding the right one for your IT team depends on the size of your company, so I’ve built this list of free syslog server tools and some of their paid counterparts.
My favorite? When it comes to performance, SolarWinds® Kiwi Syslog® Server free and paid solutions offer robust, comprehensive management of syslog messages through real-time statistics and alerts as well as an intuitive web console. Kiwi offers a free syslog tool that’s a limited version of its commercial version. It allows you to collect, view, and archive syslog message and SNMP traps for up to five sources. And if you need to monitor more than five devices, you can easily upgrade to the commercial edition. The paid version also has a free 30-day trial, so you can test it on all your network devices to see if it’s the best syslog server for your company.
Best FREE Syslog Servers
Kiwi Syslog Server – Free Edition
The free edition of Kiwi Syslog Server from SolarWinds is, in my opinion, the best free syslog server for companies in need of monitoring messages from a few devices (the tool can handle up to five).
![Best free windows syslog server Best free windows syslog server](/uploads/1/2/6/7/126782729/924521474.png)
With this tool in hand, you’ll receive centralized management of syslog messages and SNMP traps, be empowered to view and respond to messages, and even be able to archive messages and facilitate the compliance process. The free Kiwi Syslog Server also provides real-time statistics and daily statistic summaries so IT teams can keep their finger on the pulse of all activity. As far as free syslog servers go, this is by far the most comprehensive on the market.
If you’re looking to put a little spend behind your syslog server, the paid version of SolarWinds Kiwi Syslog Server can go a long way. In my view, Kiwi Syslog Server is not only the best syslog server for Cisco devices, but also a great syslog server Windows users within my community have come to rely on.
You can set custom alerting thresholds to monitor your entire IT infrastructure, all within one intuitive console. There are even a host of built-in actions to react to syslog messages, making it easy to trigger notifications and reports, run scripts, or forward syslog messages or SNMP traps to another host. The tool boasts detailed graphs of syslog statistics over designated time periods and automatically stores and archives logs, helping keep you compliant with SOX, HIPAA, PCI DSS, and more.
Paessler PRTG Network Monitor
Like SolarWinds, Paessler offers free and paid tools to help with syslog management through its PRTG network monitoring software. The free version for Windows helps IT teams capture and monitor syslog messages via a syslog receiver sensor and view all relevant information associated with syslog messages, like IP addresses and time of the message, through a single dashboard. From a security standpoint, PRTG will alert users if the contents of a syslog message exceed your predefined threshold values and even offers a ranking system. Messages with a “0” signify an emergency, while a “7” is typically an indication of a minor issue, like a debug. The free version of this software is powerful but can only be leveraged if you have a small network. While it offers extensive capabilities, the program’s functionality has been known to falter.
EZ5 Syslog Watcher
This free syslog server helps enhance the stability and reliability of your network through its syslog collection, sorting, and analyzing capabilities. It’s a high-performing tool designed to handle a heavy load, processing thousands of messages per minute and offering alerts via email in the event of unusual activity. You can even export syslog messages and data to your database or to a variety of file types, like CSV, XML, or JSON. Overall, it’s a strong tool, especially with its $0 price tag. Just don’t expect the more comprehensive centralization and reporting compliance of paid programs.
Project/Ipswitch WhatsUp Syslog Server
Another free syslog server software, WhatsUp Gold Syslog Server is a straightforward way to manage your syslog needs. It monitors syslog messages and provides real-time views into message data as well as filters to help you sort through the approximately 6,000,000 messages it can process per hour. To help customize your experience, Syslog Server encourages users to create rules for processing, sorting, and receiving syslog message alerts. These features make it easy to stay abreast of network activity and security. Since this is a free tool, the scope of its capabilities are fairly limited, but it’s great for smaller IT teams looking for a simplified syslog message management option.
How Do Syslog Servers Work?
However, to understand syslog servers, we must have a basic understanding of syslog. Syslog, short for System Logging Process, is a universal protocol for system message logging. All network equipment, like routers, switches, printers, workstations, and firewalls, can send syslog messages. These messages keep IT teams informed of all network equipment event activity. The syslog server collects and analyzes thousands of these messages per minute and determines the appropriate course of action. Without these analytic tools, syslog messages often fall through the cracks. This can drastically inhibit your company’s productivity, as you clunk through repairs and issues, and even put sensitive information in jeopardy.
To keep your company safe and on track, I recommend equipping the IT department with a syslog server that offers:
- Consolidation – To boost efficiency, syslog servers should centralize logs from systems and network devices, so you can quickly view syslog messages and pinpoint issues in minutes, not hours.
- Real-Time Alerts – A strong syslog tool will empower you to set predefined criteria for syslog messages based on time, type of message, or source, and alert you when these criteria have been met.
- Remote Capabilities – As an IT professional, you never know when an issue will arise. Staying in tune with your network health at all times, from any location, is essential. Look for a syslog server with a web console you can view when you’re at the office, or while you’re on a business trip.
- Compliance Reporting – Log collection and retention are the mainstays of many compliance frameworks. An advanced syslog server should be equipped to schedule automated log archival and cleanup and generate syslog reports, making it easy to comply with industry standards and keep your company in good standing.
- Sorting – Trying to sift through millions of syslog messages is no easy task. Find a syslog server with advanced filtering, so you can search messages by host name, host IP address, priority, time of day, and more to quickly access the critical data you need.
Depending on the size of your business, many free tools offer robust capabilities that could be just what you’re looking for.
Finding the Syslog Server in 2020
Finding the right tool for your company can be overwhelming amidst so many options. I recommend looking for a syslog server that centralizes all network and device logs, offers advancing filtering qualities, alerts you to anomalies, and helps keep you compliant with industry standards. My personal favorite? Both the free and paid version of SolarWinds Kiwi Syslog Server offer robust, comprehensive syslog message management. Download the free 30-day trial and try it out for yourself.
Additional Resources
4 Best Software Deployment Tools in 2020: With the right software deployment tool, you can elevate existing update services, automate deployment tasks, and put security best practices in place. Here’s my list of the top four in 2020.
Syslog is the keeper of all things events and we're bringing you the Best Free Syslog Servers for Windows (and Linux), along with some insightful reviews and screenshots.
Syslog (System Logging) standard is widely used by devices of all sorts, including computers, routers, switches, printers, and more.
Devices send syslog messages about any number of events.
These can be informational messages, such as user login events, or they can be critical messages, like a failure in the primary application.
These messages play an important part in a network administrator’s arsenal of tools; they alert the admin of errors and warnings right as they happen, allowing them to quickly respond to problems and hopefully fix them before they become major issues.
Syslog messages are also important to have for security audits.
On a network with a large number of devices, accessing logs on each device requires logging in to each one.
It is a tedious and time-consuming process and you run the risk of missing important event messages.
This is where syslog servers, also referred to as collectors, become very useful.
After enabling each device to send syslog messages, those devices start sending their log messages which are captured by the syslog server; there they are readily available to view and analyze.
Unlike SNMP, syslog cannot be used to poll devices for information; the syslog standard is used only to send messages about events.
For troubleshooting purposes, syslog sending is potentially more effective than SNMP polling because syslog messages are sent and received immediately after an event occurs.
Polling information is received at intervals – events can occur quickly and cause a lot of damage in the short amount of time between polling intervals.
For each device that you wish to have send its event logs to your syslog server, you need to ensure that its remote-syslog service is enabled and that it is pointed at the IP address of your server.
Take note that Syslog uses UDP port 514; each sending device and the receiving Syslog collector need to be able to access this port.
Grab one of the following Free Syslog Servers below to keep an eye on your network with further detail from a centralized location, many of these can also be installed on Windows 7, 8.1, 10 and other desktop versions of Windows, as well as almost every Windows Server Version on the Market (2003, 2008, 2012, 2016 and Server 2019).
Here's the Best Free Syslog Servers of 2020:
1. Kiwi Syslog Server Free Edition by SolarWinds – Get it HERE
Created by the industry-leading network management software developer SolarWinds, Kiwi Syslog Server is a comprehensive logging tool that collects syslog events and messages not only from network devices, but also Linux, Unix, and Windows systems.
Using Kiwi’s GUI, you can easily and efficiently view and manage these log events from one console.
The free edition lets you collect and monitor syslog messages from up to 5 devices and lets you set up alerts for events such as heavy traffic, unauthorized login attempt, hardware failure, and more.
Kiwi also creates trend graphics, such as network traffic trends, and also creates a daily summary email for you.
Finally, you can archive all these syslog messages as well as forward them to a database or other syslog systems.
The full version of Kiwi Syslog Server allows you to set up actions, such as run program or play sound, that are triggered by certain log events; it also comes with a web-based interface that lets you manage the syslog server remotely.
2. SnmpSoft Syslog Watcher
A comprehensive, feature-rich application, Syslog Watcher from SnmpSoft is a Windows-based dedicated syslog server that collects and analyzes syslogs from any number of network hosts and servers.
(The free version allows up to 5 sources, while the professional license lets you collect from an unlimited number of sources.)
It gathers syslog messages from any device or appliance that has syslog sending enabled, as well as system log events from Windows, Unix, and Linux servers.
It also collects from any software that supports syslog sending. It boasts being able to handle 5000+ syslog messages per second.
Syslog Watcher supports both IPv4 and IPv6 networks, and collects over both UDP & TCP.
You can enable email alerts for certain events and messages, which alerts you of network and system errors before they become major problems.
The Viewer lets you sort and filter events as they come in, and lets you view the most recent syslogs in virtually real-time; messages can be customized by font and background based on filters.
All stored messages can be searched using an extensive rule set.
Important messages can be saved longer, and max keep time depends on the severity level of the message.
Syslog Watcher comes with extensive export options, including exporting to a database and manual and auto export.
3. Paessler PRTG Syslog
Syslog server functionality is built into the PRTG Network Monitor application, which we discussed in our previous article about netflow collectors.
![Syslog server for mac Syslog server for mac](/uploads/1/2/6/7/126782729/665789274.png)
PRTG is a full-featured network monitoring and management application that does not require additional software installation to activate the syslog server functionality.
The Syslog Receiver sensor can be added via the “add sensor” dialog (PRTG uses “sensors” to monitor and analyze network traffic).
It receives and processes syslog messages from network devices as well as Windows machines.
PRTG boasts handling a very high number of syslog messages per second (up to 10,000 in a lab setting); however, your capabilities will depend on your processing power, storage, and configuration.
Syslog events can be viewed and analyzed using the web interface. Information is displayed in an easy-to-understand interface and messages can be filtered according to type of message, severity, and more.
The filters can then be further refined to exclude or include messages, and categorize them as warnings or errors.
Alert triggers can be set up for specific types of messages, such as warnings or errors; you can also create an alert for when a high number of messages per second start coming in.
The freeware version of PRTG allows for up to 100 sensors.
4. Splunk Light
Splunk Light is designed to be a comprehensive log management solution for small IT environments. Real time analysis of syslog messages from your devices is done from its customizable dashboard.
It comes with powerful search functionalities and the ability to filter results and drill down to those messages that you specifically require, such as error messages only or messages only from a specific device.
Its search capabilities include Boolean, quoted string and wildcard searches; it allows you to search in real time, search time-range, or search by transaction-level.
Splunk’s capabilities can be expanded using add-ons such as the Add-on for Microsoft Windows, which allows you to collect log messages from Windows machines.
It can also be set up to collect syslog data from a forwarder. The Splunk Light free tool allows for up to 500MB of data capture per day.
5. The Dude
In a previous article, “Top 10 Free Netflow Analyzers and Collectors,” we discussed the application The Dude, from MicroTik. The Dude is a powerful network administration application; it contains within itself a built-in Free Syslog Server.
This server can be turned on in the Server settings, under the “Syslog” tab.
While having The Dude poll your devices (sending out information requests at regular intervals using SNMP) is useful, capturing unsolicited messages from your devices is a more effective way to catch errors quickly.
You can create alerts for specific syslog messages as well as create filters.
The Dude is a great all-purpose application for network administrators.
6. WhatsUp Syslog Server Free Tool
This simple yet useful tool allows you to easily collect, view, and forward syslog events from devices anywhere on your network.
With Syslog Server you can view the messages in real time with a simple and intuitive user interface that allows you to analyze and interpret syslog messages as they come in.
The filter function lets you customize which data you want to view.
It boasts expanded export capabilities, such as text, CSV, and many more, as well as forwarding event logs to other syslog servers. Custom alerts notify you of errors and warnings.
WhatsUp Syslog Server Free Tool is a worthwhile tool for any admin.
Free Syslog Servers For Windows
Download Today and Get Started:
Conclusion
Syslog Server For Mac
Grab one of these great Free Syslog Servers today and fire up a Test VM or Server and get it configured to really get a good feeling of the software works, along with their respective feature sets.
Free Syslog Servers
We'll continue to Update this list throughout the year and if we've missed any software, please feel free to send us an email and we'll happily get the software added after we've reviewed it!