R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101
CAUTION:
As the default system configurations for different channels are different, you need to disable the output of
log, trap, and debugging information of all modules on the specified channel (loghost in this example)
first and then configure the output rule as needed so that unnecessary information will not be output.
# Configure the information output rule: allow log information of all modules with severity equal to or
higher than informational to be output to the log host.
[Sysname] info-center source default channel loghost log level informational state on
Step2 Configure the log host
Step3 Log in to the log host as a root user.
Step4 Create a subdirectory named Firewall under directory /var/log/, and create file info.log under the
Firewall directory to save logs of Firewall.
# mkdir /var/log/Firewall
# touch /var/log/Firewall/info.log
Step5 Edit file /etc/syslog.conf and add the following contents.
# Firewall configuration messages
local5.info /var/log/Firewall/info.log
In the above configuration, local5 is the name of the logging facility used by the log host to receive logs.
info is the information level. The Linux system will record the log information with severity level equal to
or higher than informational to file /var/log/Firewall/info.log.
NOTE:
Be aware of the following issues while editing file /etc/syslog.conf:
• Comments must be on a separate line and begin with the # sign.
• No redundant spaces are allowed after the file name.
• The logging facility name and the information level specified in the /etc/syslog.conf file must be
identical to those configured on the device using the info-center loghost and info-center source
commands; otherwise the log information may not be output properly to the log host.
Step6 After log file info.log is created and file /etc/syslog.conf is modified, you need to issue the following
commands to display the process ID of syslogd, kill the syslogd process, and restart syslogd using the -r
option to make the modified configuration take effect.
# ps -ae | grep syslogd
147
# kill -9 147
# syslogd -r &
NOTE:
Ensure that the syslogd process is started with the -r option on a Linux log host.
After the above configurations, the system will be able to record log information into the log file.
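The editing rules in the NOTE for /etc/syslog.conf can be checked before syslogd is restarted, so that a malformed rule does not silently drop firewall logs. The shell function below is an added example, not part of the original guide; the name check_syslog_conf and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): lint a syslog.conf-style file against
# the NOTE's editing rules. The function name and sample files are assumptions.
# Usage: check_syslog_conf FILE FACILITY LEVEL LOGFILE
# Prints one line per problem; returns 0 when the file is clean, 1 otherwise.
check_syslog_conf() {
    conf=$1 facility=$2 level=$3 logfile=$4
    awk -v sel="$facility.$level" -v target="$logfile" '
        /^[ \t]*$/ { next }    # blank line
        /^#/       { next }    # well-formed comment line
        {
            if ($0 ~ /#/) {    # trailing or indented comment
                printf "line %d: comment must be on its own line and begin with #\n", NR
                bad = 1
            }
            if ($0 ~ /[ \t]+$/) {
                printf "line %d: redundant space after the file name\n", NR
                bad = 1
            }
            # Selector and file must match what the device side expects.
            if ($1 == sel && $2 == target) found = 1
        }
        END {
            if (!found) {
                printf "no rule \"%s %s\" found\n", sel, target
                bad = 1
            }
            exit bad + 0
        }
    ' "$conf"
}

# Constructed sample input: the Step5 fragment, then two lines that break the rules.
demo_dir=$(mktemp -d)
printf '%s\n' '# Firewall configuration messages' \
    'local5.info /var/log/Firewall/info.log' > "$demo_dir/good.conf"
printf '%s\n' 'local5.info /var/log/Firewall/info.log # Firewall' \
    'local5.info /var/log/Firewall/info.log ' > "$demo_dir/bad.conf"
log=/var/log/Firewall/info.log
check_syslog_conf "$demo_dir/good.conf" local5 info "$log" && echo "good.conf: OK"
check_syslog_conf "$demo_dir/bad.conf" local5 info "$log" || echo "bad.conf: fix the lines above"
rm -rf "$demo_dir"
```

Pass the facility and level that were configured on the device; a mismatch is reported as a missing rule.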
Outputting log information to the console
Network requirements
• Log information with a severity higher than informational will be output to the console;