Distributed Systems Administration Utilities User's Guide
e. Replace the <%FS%> token with the filesystem or directory where the consolidated logs
will be kept. This filesystem/directory is the one managed by the Serviceguard package.
For example:
destination d_syslog { file("<%FS%>/syslog/syslog.log"); };
becomes:
destination d_syslog { file("/clog/syslog/syslog.log"); };
Make sure that this filesystem mount point exists cluster-wide and that the storage fails
over correctly cluster-wide. Since consolidated logs can grow quite large, HP
recommends that this filesystem use the largefiles option and that there is sufficient
room for growth.
For additional information on creating the Serviceguard storage/filesystem configuration
for a package, refer to the Managing Serviceguard manual.
3. Manually replace the tokens in /etc/syslog-ng.conf.client as follows:
a. If configuring the cluster to consolidate its own syslogs, replace the
<%UDP_LOOPBACK_SOURCE%> token with:
source s_syslog_udp { udp(port(514)); };
Replace the <%UDP_LOOPBACK_LOG%> token with:
log { source(s_syslog_udp); destination(d_syslog_<type>); };
where <type> is either tcp or udp depending on the desired log transport. This causes
syslog-ng to read the local syslogd’s UDP messages and send them to the log
consolidation server.
If you do not want to consolidate the local syslogs of this cluster, delete the
<%UDP_LOOPBACK_SOURCE%> and <%UDP_LOOPBACK_LOG%> tokens.
b. Replace all the <%TYPE%> tokens with either tcp or udp depending on the desired log
transport.
c. Find the line:
destination d_syslog_<%TYPE%> { <%TYPE%>("<%IP%>" port(<%PORT%>)); };
Replace <%IP%> with the IP address of the clog package. For TCP, replace <%PORT%>
with the TCP port used for log forwarding (selected above). For UDP, replace <%PORT%>
with 514, the standard UDP port.
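The token replacement in step 3 can be scripted so that a missed token is caught before syslog-ng is restarted. The following is an added example, not part of the HP guide: the function names and the template fragment are assumptions, and the fragment contains only the tokens named in this step.

```shell
#!/bin/sh
# Constructed fragment of a client template; the real
# /etc/syslog-ng.conf.client contains more than these lines.
sample_template() {
cat <<'EOF'
<%UDP_LOOPBACK_SOURCE%>
destination d_syslog_<%TYPE%> { <%TYPE%>("<%IP%>" port(<%PORT%>)); };
<%UDP_LOOPBACK_LOG%>
EOF
}

# render_client_conf TRANSPORT IP PORT LOCAL
#   LOCAL=yes forwards this cluster's own syslogs (step 3a); anything else drops those tokens.
# Reads the template on stdin and writes the filled-in configuration to stdout.
# Usage (constructed values): sample_template | render_client_conf tcp 192.0.2.10 1776 yes
render_client_conf() {
    transport=$1 ip=$2 port=$3 local=$4
    case $transport in
        tcp) ;;
        udp) port=514 ;;   # step 3c: UDP always uses port 514
        *) echo "transport must be tcp or udp" >&2; return 2 ;;
    esac
    # Reject values that would break the sed expressions or the config syntax.
    case $port in ''|*[!0-9]*) echo "bad port" >&2; return 2 ;; esac
    case $ip in ''|*[!0-9A-Fa-f.:]*) echo "bad IP address" >&2; return 2 ;; esac
    if [ "$local" = yes ]; then
        src='source s_syslog_udp { udp(port(514)); };'
        log="log { source(s_syslog_udp); destination(d_syslog_$transport); };"
    else
        src='' log=''
    fi
    out=$(sed -e "s|<%UDP_LOOPBACK_SOURCE%>|$src|" \
              -e "s|<%UDP_LOOPBACK_LOG%>|$log|" \
              -e "s|<%TYPE%>|$transport|g" \
              -e "s|<%IP%>|$ip|g" \
              -e "s|<%PORT%>|$port|g") || return 1
    # Any "<%" still present means a token was missed or misspelled.
    if printf '%s\n' "$out" | grep -q '<%'; then
        echo "unreplaced token remains" >&2; return 1
    fi
    printf '%s\n' "$out"
}
```
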