Manualshelf

F3215-HP Load Balancing Module System Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
30
# Specify the host 1.2.0.1/16 as the log host, use the channel loghost to output log information
(optional, loghost by default), and specify local5 as the logging facility.
[LB] info-center loghost 1.2.0.1 channel loghost facility local5
# Configure an output rule to output to the log host the log information that has a severity level of
at least informational.
[LB] info-center source default channel loghost log level informational state on debug
state off trap state off
Disable the output of unnecessary information of all modules on the specified channel in the output
rule.
2. Configure the log host:
a. Log in to the log host as a root user.
b. Create a subdirectory named LB in the directory /var/log/, and create file info.log in the LB
directory to save logs from the LB.
# mkdir /var/log/LB
# touch /var/log/LB/info.log
c. Edit the file syslog.conf in the directory /etc/ and add the following contents.
# LB configuration messages
local5.info /var/log/LB/info.log
In this configuration, local5 is the name of the logging facility used by the log host to receive
logs. info is the information level. The Linux system will record the log information with severity
level equal to or higher than informational to file /var/log/LB/info.log.
NOTE:
Be aware of the following issues while editing file /etc/syslog.conf:
Comments must be on a separate line and must begin with a pound sign (#).
No redundant spaces are allowed after the file name.
The logging facility name and the information level specified in the /etc/syslog.conf file must be
identical to those configured on the LB by using the info-center loghost and info-center source
commands. Otherwise, the log information might not be output properly to the log host.
d. Display the process ID of syslogd, kill the syslogd process, and then restart syslogd using the –r
option to make the new configuration take effect.
# ps -ae | grep syslogd
147
# kill -9 147
# syslogd -r &
Make sure the syslogd process is started with the -r option on a Linux log host.
Now, the system can record log information into the log file.
Saving security logs into the security log file
Network requirements
Save security logs into the security log file cfa0:/securitylog/seclog.log every one hour.
Only the security log administrator can view the contents of the security log file. No other logged-in
users can view, copy, or rename the security log file.