HP XC System Software Administration Guide Version 3.1

node name of the aggregator. The aggregator nodes forward their clients' events to the master aggregator
node, which produces a consolidated log file, /hptc_cluster/adm/logs/consolidated.log.
Regional and global nodes are assigned when the gconfig utility runs during installation.
You can determine which nodes are the regional nodes with the shownode command:
# shownode config syslogng_forward
The shownode command identifies the nodes that supply the syslogng_forward service. The following
command returns all the names of the nodes that provide this service:
# shownode servers syslogng_forward
syslogng_forward: n[3-4]
7.6.2 The syslog-ng.conf Rules File
The syslog-ng.conf rules file defines the order of importance by which the log files are arranged.
The /opt/hptc/syslog-ng/etc/syslog-ng.conf/syslog-ng.conf file defines a series of rules that tell
the syslogng_forward service how to handle messages from its clients. The
syslog-ng.conf file contains five types of rules:
Options         Defines generic information like reconnection timeouts, FIFO size limits, and so on.
Sources         Defines the different sources from which the messages are obtained.
Filters         Defines the rules to segregate messages. For example, messages can be separated by host, severity, facility, and so on.
Destinations    Contains the devices and files where the messages are sent or saved.
Logs            Combines the sources, filters, and destinations into specific rules to handle the different messages.
You can use a text editor, such as emacs or vi, to read the log files, and you can use a variety of text
manipulation commands to find, sort, and format these log files.
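How the Logs rules tie the other rule types together, as an added example that is not taken from the HP XC guide or its shipped configuration: a constructed syslog-ng.conf fragment with one statement of each type, and a Python check that every source, filter, and destination named in a log rule is actually defined. The statement names (s_clients, f_warn, f_auth, d_consolidated), the option values, and the parse and audit helpers are assumptions for illustration; the check assumes log rules without nested braces.

```python
import re

# Constructed sample (not the HP XC default file): one statement of each of
# the five rule types, plus a second log rule naming a filter never defined.
SAMPLE = r'''
options { time_reopen(10); log_fifo_size(1000); };
source s_clients { udp(ip(0.0.0.0) port(514)); };
filter f_warn { level(warn..emerg); };
destination d_consolidated { file("/hptc_cluster/adm/logs/consolidated.log"); };
log { source(s_clients); filter(f_warn); destination(d_consolidated); };
log { source(s_clients); filter(f_auth); destination(d_consolidated); };
'''

DEF = re.compile(r'^\s*(source|filter|destination)\s+(\w+)\s*\{', re.M)
LOG = re.compile(r'^\s*log\s*\{(.*?)\}\s*;', re.M | re.S)
REF = re.compile(r'\b(source|filter|destination)\s*\(\s*(\w+)\s*\)')

def parse(text):
    """Return (names defined per rule type, references made by each log rule)."""
    text = re.sub(r'(?m)^\s*#.*$', '', text)  # drop whole-line comments
    defined = {'source': set(), 'filter': set(), 'destination': set()}
    for kind, name in DEF.findall(text):
        defined[kind].add(name)
    return defined, [REF.findall(body) for body in LOG.findall(text)]

def audit(text):
    """List log rules with dangling names or a missing source/destination."""
    defined, logs = parse(text)
    problems = []
    for i, refs in enumerate(logs, 1):
        for kind, name in refs:
            if name not in defined[kind]:
                problems.append(f"log #{i}: undefined {kind} '{name}'")
        kinds = {kind for kind, _ in refs}
        for required in ('source', 'destination'):
            if required not in kinds:
                problems.append(f"log #{i}: no {required}")
    return problems

if __name__ == '__main__':
    for line in audit(SAMPLE) or ['no problems found']:
        print(line)
```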
7.6.3 Modifying the syslog-ng Rules Files
The HP XC system supplies a default configuration of the syslog-ng rules. You can modify the syslog-ng
rules by modifying template files and reconfiguring the HP XC system.
NOTE: The HP XC system is not available for use while it is being reconfigured.
The syslog-ng rules are contained in the following templates:
Regional Template
    This template dictates the syslog-ng rules for the aggregator nodes. The full pathname is
    /opt/hptc/syslog-ng/etc/regional/syslog_ng_regional_template
Global Template
    This template dictates the syslog-ng rules for the master aggregator node. The full pathname is
    /opt/hptc/syslog-ng/etc/global/syslog_ng_global_template
For more information on the parameters that make up these templates, see the syslog-ng documentation
at the following URL:
http://www.balabit.com/products/syslog_ng/
The syslog-ng nconfigure script, which runs during the cluster_config utility, uses these template
files to build the /opt/hptc/syslog-ng/etc/syslog-ng/syslog-ng.conf file.
Use the following procedure to modify the syslog-ng rules:
1. Log in as the superuser (root) on the head node.
2. Change to the /opt/hptc/syslog-ng/etc directory.
# cd /opt/hptc/syslog-ng/etc