Documentation forKiwi Syslog Server

Create scheduled tasks in KSS NG

Use scheduled tasks in Kiwi Syslog Server NG (KSS NG) automate processes such as archiving and deleting files based on criteria you want to specify. Each task can be triggered to run when the KSS NG application or service starts.

Learn how to set up schedules for the following tasks:

  • Archive tasks move or copy files to another location and (optionally) compress the files.
  • Clean-up tasks delete files that meet the specified criteria (for example, files over a certain age).

See how to set up a scheduled task in the example below, which uses two schedules to automate log file archival and retention.

Created scheduled tasks to automate log file archival and retention

Most organizations have retention policies that require log files to be kept for a certain period. Retention policies ensure that the organization complies with regulatory standards and that documents are available if needed for audits or other legal issues.

To save time and ensure accuracy, use schedules to automate your log archival and retention process. The following example creates two schedules:

  • The first schedule archives log files that are not needed for current analysis.
  • The second schedule removes archived log files after the retention period is over.

Step 1: Create a rule to log each message

If you have not already done so, create a rule to log each message to a file. Split the log files based on the date and the IP address of the sending device.

Step 2: Create a schedule to archive log files

The following example moves log files into a compressed archive when they are more than one week old.

  1. Create a folder to store archived log files. For this example, archived files will be stored in C:\Program Files (x86)\SolarWinds\Kiwi Syslog Server NG\Archive.
  2. From the KSS NG navigation bar, choose Setup > Schedules to view the Schedules setup window.
  3. Click Add scheduled task to start the Create Schedule wizard.
  4. Define the task name in the provided field. Select the Archive option and click Next.
  5. Set the schedule frequency to run once a day. Click the Day tab and select the Every day option. Click Next.
  6. Define the source location of your log files. Check the Include subfolders box.

    The default file location where logs are stored is C:\ProgramData\SolarWinds\KiwiSyslogService\logs.

  7. Under Source files, specify a file age of at least 8 days. Use the default value of *.* in the File mask field. Use the default option Any for the File size value.
  8. Define the destination location, and browse to select the folder you created to store archived files. In this example, the destination location is C:\Program Files (x86)\SolarWinds\Kiwi Syslog Server NG\Archive.
  9. Select the option to Move files from source to destination. Click Next.
  10. Check the box to Zip files after moving/copying. Select the desired compression level from the drop-down menu.
  11. Click Create to create the schedule.

Step 3: Create a schedule to remove archived files after the retention period

  1. In the Schedules setup window, click Add Schedule to start the Create Schedule wizard.
  2. Define the task name in the provided field. Select the Clean-up option and click Next.
  3. Set the schedule frequency to run once a month. Click the Month tab and select the Every month option. Click Next.
  4. Define the source location of your log files. Check the Include subfolders box.

    The default file location where logs are stored is C:\ProgramData\SolarWinds\KiwiSyslogService\logs.

  5. Under Source files, specify a file age of at least 7 years (or your organization's retention period). Use the default value of *.* in the File mask field. Use the default option Any for the File size value.
  6. Check the Remove empty folders box if you want to remove folders in the source location that are empty.
  7. Click Create to create the schedule.

Log files are automatically split by date and sending device, archived after a week, and removed after the retention period.

Each schedule can be toggled on or off using the toggle icon to the right of each schedule. Use the vertical ellipsis () to edit, duplicate, or delete the schedule.

After you have added schedules, you can also use the Refine Results task bar on the left to filter schedules by their respective task types, such as Archive or Clean-Up.