In Offsite Disaster Backups, I outlined three methods I use to move backup data to a backup machine with removable hard drives. Essentially, this backup system replaced our tapes almost entirely. The one thing that I didn’t like about it was the way that each of the systems to be backed up was being logged. I used three methods: NTBackup, Robocopy, and Veeam.
- The native NTBackup utility copied all of the log files to a directory and rotated the log file names. This was difficult to manage in its native form so I compiled a workaround script to copy the log files over to the backup media. The trouble with this workaround is that I had to manually go and clear the logs off the backup drive. This is not a significant problem but it is a hassle.
- The Robocopy scripts with the /MIR switch are pretty straightforward. The log file path can be determined in the script which I usually put alongside the mirrored file structure on the backup disk.
- Veeam e-mails me when it is done copying to the media. The ghettovcb.sh script also logs to a file and sends e-mails to me saying that a backup is commencing and when it’s finished.
The real concern I have is coordinating all of these events and reading entirely separate and individual log files scattered around the disk. Should something go wrong, how would I know without looking at the logs? Research HO!
In my last post I described how to configure Windows events to syslog using a free application called SyslogAgent. When I showed Ben he thought it was really cool. After I had shown him how it was done, we sat there and watched people log in and out of their computers in real-time and kept renewing our IP addresses to check out the delay of the service. It was awesome.
“Hey, can we syslog the Shoretel? There’s a CDR text file in the c: drive somewhere…” Ben asked.
CDR or Call Detail Reporting is a logging service that runs on the Shoreware Director. It logs all calls that seize an outbound circuit to this file. Because it is a file running on Windows, we should be able to port this file to syslog similar to the way I did it with the DHCP event logs in my prior post.
My Syslog server is up and running. We now have all our network devices and Linux/Unix-like servers sending their events to the Dude’s Syslog server. But what about Microsoft Windows Servers? Microsoft’s products do not have native support for Syslog.
Up to this point I have gone through the event logs manually. I’ve considered using Hyena, an application that I’ve used in the past to monitor Windows hosts’ logs, but I want to do this for free. Besides, the only systems that I am monitoring right now are the servers and VMs in the computer room. I’d like to start monitoring all of my client PCs as well. It would be better if I can kill all these birds with one stone.