From the course: Network Forensics
Kiwi Syslog Server
- [Instructor] Kiwi is a Windows-based Syslog server. You can download Kiwi by visiting the Kiwi website. Click on downloads. It's available for a 14-day trial. Here is a big-picture view of what's happening. The Syslog-ng server collects its local log messages and forwards them to a Kiwi Syslog server running on a Windows host. This is what Kiwi Syslog server looks like. The window's empty right now because it hasn't received any log messages from the Syslog-ng server we set up earlier. The Syslog-ng server is shut down right now as you can see on the screen. As soon as I start it you'll see messages coming from the Syslog-ng program. Let me start Syslog-ng by typing sudo, space, service, space, Syslog-ng, space, start. Let's switch to the Windows VM where I'm running my Kiwi Syslog server. You can see that it's not receiving the log messages I'm generating on my Ubuntu machine. Note the references of the label UFW, which is the default firewall for my Ubuntu box. Now let's check…
Contents
- Network logs (3m 6s)
- Intrusion and security events (5m 2s)
- Network logs as evidence (3m 16s)
- Network logs and compliance (3m 12s)
- Audit logs (3m 28s)
- Firewall logs (4m 23s)
- syslog (6m 14s)
- syslog-ng (6m 31s)
- Kiwi Syslog Server (2m 39s)
- Microsoft Log Parser (4m 34s)