Manualshelf

Managing Systems and Workgroups: A Guide for HP-UX System Administrators

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU
191192193194195196197198199200
Configuring a System
Using Distributed Systems Administration Utilities
Chapter 3 193
- Client that forwards logs to a remote consolidation server
Do you want to configure hostname as a Consolidation Server?
(y/n) [y]:
Answer yes.
The wizard then prompts:
Enter the fully qualified directory where the consolidated
logs should be stored? []:
It is typically best to select a dedicated filesystem for the consolidated
logs. Since consolidated logs like syslog can grow rapidly, HP also
recommends that the filesystem be configured for “largefiles.” For this
example, assume that a filesystem named “/clog” is used.
Next, the wizard prompts for the client’s transport:
You can choose to have the clients forward logs to this
consolidation server via the UDP protocol or the TCP
protocol (recommended).
Do you want to use the TCP protocol? (y/n) [y]:
Note that selecting TCP does not necessarily preclude the use of UDP
forwarded log messages by clients. Whether the log consolidator allows
TCP log messages exclusively, depends on whether the system is
consolidating its own local syslog file. See below for details.
You need to choose a free port on this system for log
receiving.
Note: When configuring log consolidation on the clients,
this port will need to be specified.
Enter the TCP port to be used for log receiving? []:
There is no reserved port for the TCP transport of syslog-ng. Any port
that is not in use can be chosen. HP recommends that the administrator
choose a port from the reserved range, that is, ports below 1024. Only
privileged processes on a remote system can connect to privileged ports.
Note that this provides only a weak security guarantee because it