How to Setup Email Alerts for Network Attached Devices?

System logs are of paramount importance when trying to identify and resolve an issue in the network. System Logging or Syslog is a communication protocol that is utilized by different kinds of network devices to log their activity. Whenever an issue arises in a network, the syslogs are where network admins look at to resolve the issue. Now, if you decide to do something like this manually, you are just going to waste a lot of time looking at logs that do not point to the root cause of the issue and hence the real problem remains untouched. Having to go through the logs of multiple devices is tiresome and requires a lot of time and patience, especially in a large network with a huge number of devices. Therefore, having a syslog server becomes a necessity and a requirement of every big network.

Solarwinds Kiwi Syslog Server is a perfect tool for this job. Having a syslog server in place makes it easy for the network administrators to locate the main cause of whatever issue that is being triggered and hence leads to an effective and quick resolution as it includes useful information concerning failure events as well as security risks. The devices are configured to send logs to the syslog server where they are collected and displayed all in one space. Thus, you won’t have to log into each device to go through the logs.

Kiwi Syslog Server

Solarwinds Kiwi Syslog Server (download here) manages the logs of your network devices in one space with extended functionalities in real-time. The software also features an alert mechanism using which you will be notified or alerted whenever a certain scenario arises with real-time alerts. There are multiple notification methods such as email notifications etc. It does not support SMS alerts for the time period but that’s not really needed when you have email notification messages. Other than that, you can also configure the application to perform certain actions whenever a certain case is fulfilled, for example restart a device and much more. It also comes with a web UI which can be really helpful in networks as you don’t have to manually install it on every device.

There’s a free as well as a paid version of the tool. The paid version, obviously, comes with much more functionalities and features. The installation process of the tool is pretty easy and the interface extremely user-friendly. With that said, let us get into the main topic.

Using Kiwi Syslog to Get Email Alerts from Router, Switch, NAS and other Networked Device

Kiwi Syslog Server sends out alerts whenever a higher priority message is received. It comes with default alerts and you can create your own custom alerts as well. These alerts can be email alerts that you will receive on the email that you provide while setting up the alerts. To setup email alerts, the whole procedure can be broken down into four main steps i.e. adding a rule, configuring the rule and then setting up an action (which in this case will be sending an e-mail alert). So, without further ado, let us get started.

Adding a Rule

1. Open up the Kiwi Syslog Server.
2. Go to the Kiwi Syslog Server Setup dialog box by clicking File > Setup.
3. Right-click on the Rules text and then click Add Rule.

   

4. Change the name of the rule to whatever you like (in this case Email critical messages).

Adding a Filter to Include Messages from Certain Devices

If you wish, you can apply filters on the rule so that it only applies to selected devices or a specific device. Here’s how to do it:

1. Right-click on the Filters text and then click the Add Filter option.

   

2. Replace the default name of the filter to whatever you like.
3. In the Field drop-down menu, select IP Address.
4. After that, in front of the Filter Type drop-down menu, select any IP address option you like.

   

5. Provide the range of the IP addresses that are to be allowed.

   

6. Finally, click Apply to save the filter.

Adding a Filter to Include High Priority Messages

You can also apply a filter so that you are notified only about the high priority messages (red alerts) and not every single log that is being received by the Syslog server. If you wish to be notified by every message, skip this step. Otherwise, continue.

1. Add a new filter by right-clicking on the Filters text and then selecting Add Filter.
2. Give the filter a name other than its default name.
3. In the Field drop-down menu, select Priority.
4. Click on the Emerg column and drag your mouse to the Crit column while clicking to select the priority.

   

5. After that, right-click the highlighted area and then select Toggle to On.

   

6. Finally, click the Apply button to save the filter.

Adding an Action to Send out Email Alerts

Finally, we are done with configuring the alert conditions and now we have to create an action so that whenever the given filters are satisfied, the Syslog server sends out an email. Here’s how to do it:

1. Before you add an action, make sure you have configured the email settings. Here, you will have to provide details about the email server and SMTP server.
2. On the left-pane of the Kiwi Syslog Server Setup dialog, scroll down and then click Email.

   

3. Provide the required fields.
4. After that, right-click on the Action text found in the sub-level of Rules and select Add Action.
5. Give the action a name (in this case send email).
6. In the Action drop-down menu, select Email address.
7. Enter the recipient address. If you wish to add multiple email addresses, you can do so by providing multiple email addresses and separating each one by a comma.
8. Provide the From email address as well.
9. After that, enter the email subject and then follow it up by the email message. The picture uses variables that insert the IP address of the sending device, the time, date along with some other data.

   

10. Finally, click the Apply button to save the action.