Managing Systems and Workgroups: A Guide for HP-UX System Administrators

Configuring a System
Using Distributed Systems Administration Utilities
Chapter 3224
b. Replace all the _<%TYPE%> tokens with either tcp or udp depending
on the desired log transport.
c. Find the line
“destination d_syslog_<%TYPE%>{<%TYPE%>(“<%IP%>” port(<%PORT%>)); };”
If using the UDP protocol, replace <%IP%> with the IP address of the
log consolidation server and <%PORT%> with 514, the standard UDP
port.
If using the TCP protocol with ssh port forwarding, replace <%IP%>
with 127.0.0.1 and <%PORT%> with the port chosen for ssh port
forwarding. The same guidelines for choosing a free syslog-ng TCP
port apply to this port. For details, refer to section “Configuring a Log
Consolidation Standalone Server with clog_wizard” on page 192.
Non-interactive secure shell authentication must be set up between
this system and the log consolidator (you can use
/opt/dsau/bin/csshsetup tool for the configuration). For details,
refer to “ssh Port Forwarding” on page 235.
If using the TCP protocol without ssh port forwarding, replace
<%IP%> with the IP address of the log consolidation server and
<%PORT%> with TCP port chosen on the log consolidator used for log
consolidation.
d. Create the following symbolic link:
ln -sf /etc/syslog-ng.conf.client /etc/syslog-ng.conf
Step 3. The syslog-ng startup procedure, /sbin/init.d/syslog-ng, relies on
several configuration variables. Edit /etc/rc.config.d/syslog-ng as
follows:
a. Change the CLOG_CONFIGURED line to:
CLOG_CONFIGURED=1
b. Add the following lines:
CLOG_CONSOLIDATOR=0
CLOG_CONS_IP=<IP address of the log consolidator>
c. If using the TCP protocol add the following lines:
CLOG_TCP=1
CLOG_TCP_PORT=<log consolidation server tcp port>
If using ssh port forwarding add: