Manualshelf

Managing Systems and Workgroups: A Guide for HP-UX System Administrators

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU
211212213214215216217218219220
Configuring a System
Using Distributed Systems Administration Utilities
Chapter 3216
For UDP:
destination d_syslog_udp { udp(“package IP” port(514)); };
where <%IP%> is replaced by the clog package IP address or
hostname and the <%PORT%> token is replaced by 514, the standard
syslog UDP port.
e. Replace the <%FS%> token with the filesystem or directory where the
consolidated logs will be kept. This filesystem/directory is the one
managed by the Serviceguard package. For example:
destination d_syslog { file(“<%FS%>/syslog/syslog.log”); };
becomes:
destination d_syslog { file(“/clog/syslog/syslog.log”); };
Make sure that this filesystem mount point exists cluster-wide and
that the storage fails over correctly cluster-wide. Since consolidated
logs can grow quite large, HP recommends that this filesystem use
the largefiles option and that there is sufficient room for growth.
For additional information on creating the Serviceguard
storage/filesystem configuration for a package, refer to the Managing
Serviceguard manual.
Step 3. Manually replace the tokens in /etc/syslog-ng.conf.client as
follows:
a. If configuring the cluster to consolidate its own syslogs, replace the
<%UDP_LOOPBACK_SOURCE%> token with:
source s_syslog_udp { udp(port(514)); };
Replace the <%UDP_LOOPBACK_LOG%> token with:
log { source(s_syslog_udp); destination(d_syslog_<type>); };
where <type> is either tcp or udp depending on the desired log
transport.
This causes syslog-ng to read the local syslogd’s UDP messages
and send them to the log consolidation server.
If you do not want to consolidate the local syslogs of this cluster,
delete the <%UDP_LOOPBACK_SOURCE%> and <%UDP_LOOPBACK_LOG%>
tokens.