Manualshelf

Distributed Systems Administration Utilities User's Guide

ManualsBrandsHP ManualsSoftwareHP-UX System Administration
71727374757677787980
3. The syslog-ng startup procedure, /sbin/init.d/syslog-ng, relies on several
configuration variables. Edit /etc/rc.config.d/syslog-ng as follows:
a. Change the CLOG_CONFIGURED line to:
CLOG_CONFIGURED=1
b. Add the following lines:
CLOG_CONSOLIDATOR=0
CLOG_CONS_IP=IP address of the log consolidator
c. If using the TCP protocol, add the following lines:
CLOG_TCP=1
CLOG_TCP_PORT=log consolidation server tcp port
If using ssh port forwarding, add:
CLOG_SSH=1
CLOG_SSH_PORT=ssh port chosen
otherwise, add:
CLOG_SSH=0
otherwise, if using the UDP protocol, add:
CLOG_TCP=0
If consolidating the local syslogs, add:
CLOG_SYSLOG=1
otherwise add:
CLOG_SYSLOG=0
If consolidating this clusters package logs, add:
CLOG_PACKAGE=1
otherwise, add:
CLOG_PACKAGE=0
4. All the files edited thus far need to be distributed cluster-wide:
# ccp /etc/syslog-ng.conf.client /etc/
# ccp /etc/rc.config.d/syslog-ng /etc/rc.config.d/
Create the following symbolic link on each cluster member:
# ln -sf /etc/syslog-ng.conf.client /etc/syslog-ng.conf
5. When using TCP with ssh port forwarding, record the ssh port number you chose above
in the /etc/services file. For example, add the line:
clog_ssh 1776/tcp # Consolidated logging with ssh port forwarding
Add this line to the /etc/services file of each cluster member.
6. To consolidate this clusters package logs, additional manual steps are needed on the log
consolidation server. Each time a package is created or deleted on this cluster, these steps
need to be done. Refer to “Consolidating Package Logs on the Log Consolidation Server
(page 74).
3.3 Log Consolidation Configuration 71