Distributed Systems Administration Utilities User's Guide, Linux, March 2009

1. To configure syslog-ng, start with the same syslog-ng.conf templates used by the clog_wizard.
On one cluster member, copy /opt/dsau/share/clog/templates/syslog-ng.conf.client.template to /etc/syslog-ng.conf.client on Red Hat or /etc/syslog-ng/syslog-ng.conf.client on SLES. This file contains tokens named <%token-name%>, which the wizard replaces based on the administrator's answers to the wizard's questions.
Manually replace the tokens in /etc/syslog-ng.conf.client on Red Hat or /etc/syslog-ng/syslog-ng.conf.client on SLES as follows:
a. Delete the <%UDP_LOOPBACK_SOURCE%> and <%UDP_LOOPBACK_LOG%> tokens.
b. Replace all the <%TYPE%> tokens with either tcp or udp depending on the desired log
transport.
c. Find the line
destination d_syslog_<%TYPE%> {<%TYPE%>(<%IP%>port(<%PORT%>)); };
If using the UDP protocol, replace <%IP%> with the IP address of the log consolidation server and <%PORT%> with 514, the standard UDP port.
If using the TCP protocol with ssh port forwarding, replace <%IP%> with 127.0.0.1 and <%PORT%> with the port chosen for ssh port forwarding. The same guidelines for choosing a free syslog-ng TCP port apply to this port. For details, refer to “Configuring a Log Consolidation Standalone Server with clog_wizard” (page 50). Note that the ssh port chosen should be a free port on all cluster members. Non-interactive secure shell authentication must be set up between each member of this cluster and the log consolidator; the /opt/dsau/bin/csshsetup tool can be used for this configuration. For details, refer to “ssh Port Forwarding” (page 78).
If using the TCP protocol without ssh port forwarding, replace <%IP%> with the IP address of the log consolidation server and <%PORT%> with the TCP port chosen on the log consolidator for log consolidation.
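
The token replacement in steps a through c can also be scripted. The following is an added example, not part of the original guide or of DSAU: the function name render_client_conf, the body of the sample template, port 5140 and address 192.0.2.10 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not DSAU code. Applies steps a-c to a template read on stdin.
# Usage: render_client_conf tcp|udp IPV4_ADDRESS PORT < template > config
render_client_conf() {
    proto=$1; ip=$2; port=$3
    case $proto in
        tcp|udp) ;;
        *) echo "TYPE must be tcp or udp" >&2; return 2 ;;
    esac
    # Restrict IP and PORT to safe characters before they reach sed.
    case $ip in
        ''|*[!0-9.]*) echo "IP must be a dotted IPv4 address" >&2; return 2 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "PORT must be a number" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "PORT out of range" >&2; return 2
    fi
    out=$(sed -e 's/<%UDP_LOOPBACK_SOURCE%>//g' \
              -e 's/<%UDP_LOOPBACK_LOG%>//g' \
              -e "s/<%TYPE%>/$proto/g" \
              -e "s/<%IP%>/$ip/g" \
              -e "s/<%PORT%>/$port/g") || return 1
    # A surviving <%...%> token means the file is not fully configured yet.
    if printf '%s\n' "$out" | grep -q '<%[A-Z_]*%>'; then
        echo "unreplaced token left in output" >&2; return 3
    fi
    printf '%s\n' "$out"
}

# Constructed stand-in for the template; the shipped file's contents may differ.
sample_template() {
    cat <<'EOF'
<%UDP_LOOPBACK_SOURCE%>
source s_local { unix-stream("/dev/log"); internal(); };
destination d_syslog_<%TYPE%> { <%TYPE%>("<%IP%>" port(<%PORT%>)); };
log { source(s_local); destination(d_syslog_<%TYPE%>); };
<%UDP_LOOPBACK_LOG%>
EOF
}

# TCP with ssh port forwarding: 127.0.0.1 plus the forwarded port (5140 is made up).
sample_template | render_client_conf tcp 127.0.0.1 5140
# UDP straight to the consolidator (192.0.2.10 is a documentation address).
sample_template | render_client_conf udp 192.0.2.10 514
```

To use it on a real system, feed the copied template on stdin and review the output before installing it as the client configuration file.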
3.3 Log Consolidation Configuration 71