We've been challenged to capture syslog messages from around 800 routers. It's a busy network and therefore we receive numerous messages. What we really need to do is alert on particular BGP messages from the routers. I understand that SolarWinds recommends using Kiwi CatTools for syslogging, rather than Orion. A couple of questions I have are:
- Can Kiwi CatTools be used to capture the syslog messages, and then only send a notice to Orion if/when a condition is met, thereby freeing Orion from the task of filtering all messages yet Orion would do any alerting necessary?
- How are others capturing syslogs or doing this?
Thanks in advance for any guidance or thoughts.