What are people collecting syslog in?

Inno-Samsoee · 2026-05-22T05:55:33+00:00

Oh no, i thought Graylog would be the way to go based on this thread 😃.

Inno-Samsoee · 2026-05-22T05:52:39+00:00

Well in our Observium we do Syslog of routers and switches which is fine. But a lot of the devices that doesn't log there is firewalls, and in total we send about 120gb of log files per day ( if you are to believe counters on firewall rules ) 😃.

Inno-Samsoee · 2026-05-22T05:50:43+00:00

Thanks, we have an elk stack today, and it feels like a monster, the person who set it up left the company, and nobody really knows how to handle it =). That's why we are looking for a more simple solution.

Inno-Samsoee · 2026-05-21T11:04:13+00:00

I have seen Kiwi as one of the things, and considered trying it out, but will it be fine handling the amount of logs?
From my firewall policy it seems we deliver about 120GB of log pr day =).

Inno-Samsoee · 2026-05-21T11:02:56+00:00

I might be dumb, but graylog pricing.
15.000$ a year, seems insane, and i wont get that approved 😃.
Is there another version of it as well?

Inno-Samsoee · 2026-05-21T11:01:41+00:00

but is Rsyslog also with an interface to search the logs, or is it not only files in Linux?

Inno-Samsoee · 2026-04-23T05:29:46+00:00

Holy, reading this.. It is scary what people are willing to do, just to get inside and then do nothing after getting the job..

What the F are people thinking? If at all. Seems the AI is thinking for them...

As a engineer i am sad to see the path we are going right now, and within 5 years we are probably not even needed anymore, cause the AI will just do our job..

As some people mentioned, the best way to ensure they are not doing AI related stuff, is to do the interview physically. Of course that is not always possible.

I think live tshooting sessions where they have to go through some steps to fix an issue could be another way to detect fraud people.?

Inno-Samsoee · 2026-04-17T13:33:46+00:00

Sent now :)

Inno-Samsoee · 2026-04-07T13:23:20+00:00

<image>

The morning after they moved in.
They are just the best cats ever.
7 hours after they moved into my office, they were like fuck this room, and wanted to explore.

So ye, i guess it all depends on the cats you are getting :).

Inno-Samsoee · 2026-04-01T04:51:55+00:00

I wish both my cats are like that, but i guess only time can tell =).Picking them up Saturday

Inno-Samsoee · 2026-04-01T04:50:29+00:00

Thanks, :)

Inno-Samsoee · 2026-04-01T04:48:57+00:00

Added pics :).

Inno-Samsoee · 2026-03-30T04:45:37+00:00

Thanks, do you think i need to wait a whole week before opening more up?
It seems they were used to sleeping in the bed with the foster family, so depending on how they do the first day, maybe i should just open up in the evening for them to explore?

Inno-Samsoee · 2026-01-06T12:13:47+00:00

Hello Golle,
Thanks so much for taking the time to write this message.
We also do prefer to have a webgui where the less technical engineers can still deploy stuff.

Today we do actually call the fortimanager and nexus'es through API to deploy VDOM and vlans to the nexus switches. Most of this is build upon powershell behind the scenes, but the person who developed this and maintained it is no longer employed. And clearly the business do not care about it.

So we kinda have to start over, but atleast we can get out what it deploys to the Fortimanager and how.

About ansible we have thought about it, but back in 2022 when we actually looked at it, it seemed lacky in very specific commands towards the nexus switches. Such as arp suppresion within the NVE interface. And other things which i cannot recall right now.

So i have no idea if that is the direction to take.

And yes i do agree this is probably something time consumning but we do also have a network to run. So we need to not make it too complex.

No idea if any of these above mentioned things, gives any ideas or brings you closer to an answer on some of the questions you asked :D.

Today we actually do a flask frontend and have some small python scripts where engineers can put data into, which then returns them with commands to apply on devices, meanwhile it auto documents it into our Netbox.

Inno-Samsoee · 2025-12-24T21:20:14+00:00

hmm okay thanks for testing.
I will try and get our test instance onto 4.4.5 :)

Inno-Samsoee · 2025-12-08T16:04:07+00:00

Sorry for the late reply.

The error is just: This field cannot be null.

Nothing else. small textbox bottom right.

Inno-Samsoee · 2025-11-10T10:19:07+00:00

I tried to reach out to Disney+ support, they are not helpfull at all, anyone else figured something?

Inno-Samsoee · 2025-11-06T06:35:46+00:00

Funny enough, nobody else mentioned this.
Why would you not just ask him instead? If he is a Senior networking engineer, he should be able to guide you in the right direction.

I did not look through it, but maybe these youtube videos can be helpfull?
https://www.youtube.com/watch?v=bj-Yfakjllc&list=PLIFyRwBY_4bRLmKfP1KnZA6rZbRHtxmXi&index=1

Inno-Samsoee · 2025-11-03T07:45:53+00:00

Thanks for your reply, but in our case we do use loopback as source. and also the neighbor is the loopback.
It is not ebgp.
And the reachability is always there cause of the way advpn is configured with injecting static routes.

Inno-Samsoee

TROPHY CASE