DART SYSLOG Analyzer is a network monitoring solution built on a high-availability, scalable architecture providing a comprehensive, unified perspective on the network by collecting all SYSLOG records from all elements for integrated, centralized log analysis.
It includes rules-based policies to flag network exceptions and execute a workflow to initiate resolutions for critical issues in the network.
Its capabilities include:
By collecting SYSLOG records from all network elements and establishing an operator-defined, rules-based policy, DART makes it possible to discover network-wide exceptions that cannot be discovered by monitoring single elements.
DART’s centralized SYSLOG collection helps identify and correct problems across multiple network types more quickly and easily to maximize network performance. The DART dashboard provides a dynamic chart of the Top 10 SYSLOG message generators, which assists with the rapid identification of an issue in the network and the cause of the issue.
DART collects SYSLOG records from every network element, stores them for multiple months/years, and provides flexible reporting capability so that network operators can analyze years of network data trends to plan more effectively.
Every SYSLOG record is stored in both raw and indexed formats. The raw format allows compression for greater storage efficiency, and the indexed format allows rapid search.
The system provides a distributed syslog collector architecture for collecting messages from many syslog network devices. Each Metadata sensor node has a local syslog collector that receives and stores messages on its local disk for its subtending network devices.
All the distributed local syslog collectors then forward their information to the DART Performance Center, where it is centrally stored in a database that represents a network-wide view of all syslog error reporting.
The system provides preprogrammed syslog alert rules that generate an alarm, email notification, and SNMP trap sent toward a designated external SNMP device. In addition to the preprogrammed syslog alert rules, users can create custom syslog alert rules using the syslog alert rule builder tool.
The system also provides a display of syslog events received and analytics GUI panels that characterize the syslog event traffic. For example, there are panels for the top 10 syslog severities, hosts, facilities, traffic rate, and a syslog summary panel. There are also GUI panels for alert severities, history, and a list of alerts generated. The system also stores syslog event messages in archive files, retains them on the system for a configured period, and then automatically deletes them to conserve disk space.