HP-UX IPSec version A.02.01 Administrator's Guide
Troubleshooting HP-UX IPSec
Troubleshooting Procedures
Chapter 7208
• error: Error audit entries report error events including recoverable
error conditions, syntax errors, unsupported features, bad packets,
and unknown message types.
• warning: Warning audit entries report non-intrusive security events.
• informative: Informative audit entries provide detailed event
logging for troubleshooting.
• debug: Debug audit entries provide very detailed event logging for
debugging and troubleshooting.
NOTE Setting the audit level to informative or debug generates numerous
audit entries. You should set the audit level to informative or debug for
troubleshooting only.
The audit levels are shown in ascending order. If you set the audit level
to a higher level, all lower levels are also included. For example, if you
set the audit level to informative, the audit daemon also records all
alert, error and warning messages. The default audit level is error,
which includes alert messages.
Audit Files and Directory
By default, the audit daemon will create a new audit file when the size
reaches 100 Kbytes. The audit daemon will continue creating new audit
files until the file system for the audit directory are full. For this reason,
you may want to mount the audit directory on a separate file system.
The default audit directory is /var/adm/ipsec.
Audit File Size To change the maximum audit file size, use the
following command:
ipsec_admin -m[axsize]
max_audit_file_size
The
max_audit_file_size
is specified in kilobytes.
Default: 100 (kilobytes).
Dynamically Setting Audit Parameters
If HP-UX IPSec is running, you can dynamically set the audit
parameters by entering the following command: