Manualshelf

HP StorageWorks Fabric OS 5.0.0 Diagnostics and System Error Messages Reference Guide (AA-RW1SA-TE, May 2005)

ManualsBrandsHP ManualsStorageBrocade BladeSystem 4/24 SAN Switch
21222324252627282930
30 Introduction to system messages
System console, page 32
System message log (RASLog)
Fabric OS maintains an internal system message log of all messages. For Fabric OS v4.4.0, this log is
saved as a RASLog. Features of the system message log include the following:
The saving of all messages to nonvolatile storage.
A maximum of 1024 messages that can be saved in RAM.
Implementation as a circular buffer. When more than the maximum number of entries are added to
the log file, old entries are overwritten by new ones.
The display of all system messages from the errDump and errShow commands.
Configure the syslogd facility as a management tool for error logs. This is particularly important for
dual-domain switches, because the syslogd facility saves messages from two control processors (CPs) as
a single file and in sequential order. See ”System logging daemon” on page 31 for more information.
Security audit logging
Audit messages are enhanced to record more information for security purposes. They are flagged AUDIT
in the system message log. Currently, the only messages that have the audit flag set are SEC-3001
through SEC-3017.
These messages provide the following information:
User Name: the name of the user who triggered the action.
Role: The role of the user; for example, root or admin.
Event Name: The name of the event that occurred.
Status: The status of the event that occurred as success or failure.
Event Info: Information about the event. If you are creating an SCC_POLICY and use wild cards such
as the asterisk (*), which means all the switches in the current fabric, these wild cards are displayed
in the audit error message.
The following is an example of an audit message:
2004/07/09-02:09:40, [SEC-3001], 181, AUDIT, INFO, User:rick, role: admin, Event:
secpolicy create, status:success, Info: Create SCC_POLICY policy, with * entries.
Only certain commands generate an AUDIT message in the system message log. The commands that
generate AUDIT messages are:
secModeEnable and secModeDisable
secPolicyCreate, secPolicyDelete, secPolicyRemove, secPolicyActivate, and
secPolicySave
login and logout
secFCSFailover
secTransAbort
secStatsReset
secTempPasswdSet and secTempPasswdReset
aaaConfig
authUtil