Manualshelf

Virtual TapeServer 8.3 Configuration Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series
201202203204205206207208209210
Troubleshooting | 191
Logwatch reports
Daily Logwatch reports enable you to view significant events that occurred on the system in the last
24 hours. The reports are generated by parsing events in the Linux log directory (/var/log) and VTS
log directory (/usr/local/tape/log). A report is generated every day at 4AM before VTS log files are
rotated. Each Logwatch reports is deleted after 120 days. These reports are generated by an
implementation of the logwatch system monitoring system; see http://www.logwatch.org/index.html
for more information.
The VTS Events section of the logwatch report consists of topic headings followed by subject lines.
Each subject line begins with a message ID (see "Message IDs" on page 174), is followed by a
message explanation and ends with the count of such messages in the event.log file for the previous
day.
To view a Logwatch report
Requires the View log files access right
1. Click Support > Logs on the navigation pane.
2. Click Examine Logwatch Output in the Log Files section of the page. The VTS Server
Logwatch Reports page provides a list of reports, and the newest report is listed first.
3. Click the name of a TXT file to view its contents.
Remote logging of audit log records
If necessary, you can enable remote logging of auditd log records. This is done using the syslog
facility provided with the VTS operating system (Linux).
Note Log files are sent to the remote server in the clear text. Because the log files may contain
audit data, be careful to evaluate the safety of remote logging.
To enable remote logging
1. Log in to the VTS server as vtsa.
2. Use the su command to change to the root user:
su -
3. Edit /etc/syslog.conf and add a line for the remote host. The following line is an example that
logs kernel messages.
kern.* @remote.log.host.domain.com
where kern.* specifies to log all kernel messages and remote.log.host.domain.com specifies the
hostname or IP address of the remote host that will log messages for the target host. To log
other messages, refer to the auditd, syslogd, and syslog.conf man pages.