Error Log and syslogd



Similar documents
Configuring System Message Logging

Cisco Setting Up PIX Syslog

Syslog & xinetd. Stephen Pilon

Device Integration: Checkpoint Firewall-1

Lab 5.5 Configuring Logging

AIX Monitoring Guidelines

Configuring System Message Logging

Using Debug Commands

Veritas Storage Foundation UMI error messages for HP-UX

System Message Logging

Overview. NetBorder Express Loggers Configuration Guide

Configuring LocalDirector Syslog

Using Debug Commands

LogLogic Microsoft Domain Name System (DNS) Log Configuration Guide

Using Debug Commands

Configuring System Message Logging

System Administration

EMC VNX Version 8.1 Configuring and Using the Audit Tool on VNX for File P/N Rev 01 August, 2013

Computer Security DD2395

Network Monitoring & Management Log Management

CYAN SECURE WEB APPLIANCE. User interface manual

NTP and Syslog in Linux. Kevin Breit

Network Monitoring & Management Log Management

Introduction to AIX 6L System Administration Course Summary

Technical Note P/N REV A05 September 20, 2010

syslog - centralized logging

Runtime Monitoring & Issue Tracking

StarWind iscsi SAN Software: Using StarWind with MS Cluster on Windows Server 2008

EMC Avamar 7.2 for IBM DB2

Hyper-V Installation Guide for Snare Server

Network Monitoring & Management Log Management

Server Manager Performance Monitor. Server Manager Diagnostics Page. . Information. . Audit Success. . Audit Failure

CSE 265: System and Network Administration

id_prob_result_coredump_aix.ppt Page 1 of 15

Troubleshooting. System History Log. System History Log Overview CHAPTER

WebSphere Application Server security auditing

This presentation will discuss how to troubleshoot different types of project creation issues with Information Server DataStage version 8.

Configuring Notification for Business Glossary

Users Manual OP5 Logserver 1.2.1

Linux Syslog Messages in IBM Director

Tivoli Storage Manager Lunch and Learn Bare Metal Restore Dave Daun, IBM Advanced Technical Support

Linux System Administration. System Administration Tasks

System Log Setup (RTA1025W Rev2)

Lab Configure Syslog on AP

Configuring Log Files and Filtering Log Messages for Oracle WebLogic Server c (12.1.3)

NAS 272 Using Your NAS as a Syslog Server

Siebel Application Deployment Manager Guide. Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013

Vantage Report. Quick Start Guide

About Cisco PIX Firewalls

Oracle VM Server Recovery Guide. Version 8.2

Equalizer VLB Beta I. Copyright 2008 Equalizer VLB Beta I 1 Coyote Point Systems Inc.

MapGuide Open Source Repository Management Back up, restore, and recover your resource repository.

IBM Tivoli Storage Manager for Databases Version Data Protection for Microsoft SQL Server Messages IBM

Linux Audit Quick Start SUSE Linux Enterprise 10 SP1

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

HP LeftHand SAN Solutions

ClearPass Policy Manager 6.3

Using esxtop to Troubleshoot Performance Problems

Availability Guide for Deploying SQL Server on VMware vsphere. August 2009

Troubleshooting Citrix MetaFrame Procedures

Configure NFS Staging for ACS 5.x Backup on Windows and Linux

ontune SPA - Server Performance Monitor and Analysis Tool

Managing IBM Lotus Notes Domino 7 Servers and Users. Course Description. Audience. Course Prerequisites. Machine Requirements.

Red Condor Syslog Server Configurations

Configuring Syslog Server on Cisco Routers with Cisco SDM

Eventlog to Syslog v4.5 Release 4.5 Last revised September 29, 2013

Troubleshooting for Yamaha router

: HP HP Version : R6.1

Virtualization management tools

EMS Peripheral Status Monitor: Definition

Ultimate Guide to Oracle Storage

DEPLOYING EMC DOCUMENTUM BUSINESS ACTIVITY MONITOR SERVER ON IBM WEBSPHERE APPLICATION SERVER CLUSTER

INF-110. GPFS Installation

Configuring Logging. Information About Logging CHAPTER

SYSLOG 1 Overview... 1 Syslog Events... 1 Syslog Logs... 4 Document Revision History... 5

Topics. CIT 470: Advanced Network and System Administration. Logging Policies. System Logs. Throwing Away. How to choose a logging policy?

Determine the process of extracting monitoring information in Sun ONE Application Server

CSE/ISE 311: Systems Administra5on Logging

Moving the Web Security Log Database

Ahsay Replication Server v5.5. Administrator s Guide. Ahsay TM Online Backup - Development Department

System Administration

Cloud Computing at Google. Architecture

IBM Security SiteProtector System Configuration Guide

Listeners. Formats. Free Form. Formatted

Using the VCDS Application Monitoring Tool

Microsoft Exchange 2003 Disaster Recovery Operations Guide

Event Center (rev b) EVENT CENTER. VPI 160 Camino Ruiz, Camarillo, CA (Voice) (Fax)

Agency Pre Migration Tasks

Database Administration

Maintaining Non-Stop Services with Multi Layer Monitoring

How To Configure Syslog over VPN

Professional Xen Visualization

Configuring System Message Logging

Running a Workflow on a PowerCenter Grid

6422: Implementing and Managing Windows Server 2008 Hyper-V (3 Days)

Operation Error Management

Monitoring PostgreSQL database with Verax NMS

Restoring a Suse Linux Enterprise Server 9 64 Bit on Dissimilar Hardware with CBMR for Linux 1.02

LVM2 data recovery. Milan Brož LinuxAlt 2009, Brno

Transcription:

Error Log and syslogd Course materials may not be reproduced in whole or in part without the prior written permission of IBM. 5.0 4.1

Unit Objectives After completing this unit, you should be able to: Analyze error log entries Identify and maintain the error logging components Describe different error notification methods Log system messages using the syslogd daemon

Error Logging Components console errnotify diagnostics SMIT error notification errpt formatted output CuDv, CuAt CuVPD error record template /var/adm/ras/errtmplt application errlog() errsave() kernel module errstop error daemon /usr/lib/errdemon /dev/error (timestamp) errlog /var/adm/ras/errlog errclear errlogger User Kernel

Generating an Error Report Using SMIT # smit errpt Generate an Error Report... CONCURRENT error reporting? no Type of Report summary + Error CLASSES (default is all) [] + Error TYPES (default is all) [] + Error LABELS (default is all) [] + Error ID's (default is all) [] +X Resource CLASSES (default is all) [] Resource TYPES (default is all) [] Resource NAMES (default is all) [] SEQUENCE numbers (default is all) [] STARTING time interval [] ENDING time interval [] Show only Duplicated Errors [no] Consolidate Duplicated Errors [no] LOGFILE [/var/adm/ras/errlog] TEMPLATE file [/var/adm/ras/errtmplt] MESSAGE file [] FILENAME to send report to (default is stdout) []...

The errpt Command Summary report: # errpt Intermediate report: # errpt -A Detailed report: # errpt -a Summary report of all hardware errors: # errpt -d H Detailed report of all software errors: # errpt -a -d S Concurrent error logging ("Real-time" error logging): # errpt -c > /dev/console

A Summary Report (errpt) # errpt IDENTIFIER TIMESTAMP T C RESOURCE_NAME DESCRIPTION 192AC071 1010130907 T O errdemon ERROR LOGGING TURNED OFF C6ACA566 1010130807 U S syslog MESSAGE REDIRECTED FROM SYSLOG A6DF45AA 1010130707 I O RMCdaemon The daemon is started. 2BFA76F6 1010130707 T S SYSPROC SYSTEM SHUTDOWN BY USER 9DBCFDEE 1010130707 T O errdemon ERROR LOGGING TURNED ON 192AC071 1010123907 T O errdemon ERROR LOGGING TURNED OFF AA8AB241 1010120407 T O OPERATOR OPERATOR NOTIFICATION C6ACA566 1010120007 U S syslog MESSAGE REDIRECTED FROM SYSLOG 2BFA76F6 1010094907 T S SYSPROC SYSTEM SHUTDOWN BY USER EAA3D429 1010094207 U S LVDD PHYSICAL PARTITION MARKED STALE EAA3D429 1010094207 U S LVDD PHYSICAL PARTITION MARKED STALE F7DDA124 1010094207 U H LVDD PHYSICAL VOLUME DECLARED MISSING Error Type: P: Permanent, Performance or Pending T: Temporary I: Informational U: Unknown Error Class: H: Hardware S: Software O: Operator U: Undetermined

A Detailed Error Report (errpt -a) LABEL: IDENTIFIER: LVM_SA_PVMISS F7DDA124 Date/Time: Wed Oct 10 09:42:20 CDT 2007 Sequence Number: 113 Machine Id: 00C35BA04C00 Node Id: rt1s3vlp2 Class: H Type: UNKN WPAR: Global Resource Name: LVDD Resource Class: NONE Resource Type: NONE Location: Description PHYSICAL VOLUME DECLARED MISSING Probable Causes POWER, DRIVE, ADAPTER, OR CABLE FAILURE Detail Data MAJOR/MINOR DEVICE NUMBER 8000 0011 0000 0001 SENSE DATA 00C3 5BA0 0000 4C00 0000 0115 7F54 BF78 00C3 5BA0 7FCF 6B93 0000 0000 0000 0000

Types of Disk Errors Error Label DISK_ERR1 DISK_ERR2, DISK_ERR3 DISK_ERR4 SCSI_ERR* (SCSI_ERR10) Error Type P P T P Recommendations Failure of physical volume media Action: Replace device as soon as possible Device does not respond Action: Check power supply Error caused by bad block or occurrence of a recovered error Rule of thumb: If disk produces more than one DISK_ERR4 per week, replace the disk SCSI communication problem Action: Check cable, SCSI addresses, terminator Error Types: P = Permanent T = Temporary

LVM Error Log Entries Error Label LVM_BBEPOOL, LVM_BBERELMAX, LVM_HWFAIL LVM_SA_STALEPP LVM_SA_QUORCLOSE Class and Type S,P S,P H,P Recommendations No more bad block relocation. Action: Replace disk as soon as possible. Stale physical partition. Action: Check disk, synchronize data (syncvg). Quorum lost, volume group closing. Action: Check disk, consider working without quorum. Error Classes: H = Hardware Error Types: P = Permanent S = Software T = Temporary

Maintaining the Error Log # smit errdemon Change / Show Characteristics of the Error Log Type or select values in entry fields. Press Enter AFTER making all desired changes. LOGFILE [/var/adm/ras/errlog] *Maximum LOGSIZE [1048576] # Memory Buffer Size [32768] #... # smit errclear Clean the Error Log Type or select values in entry fields. Press Enter AFTER making all desired changes. Remove entries older than this number of days [30] # Error CLASSES [ ] + Error TYPES [ ] +... Resource CLASSES [ ] +... ==> Use the errlogger command as a reminder <==

Exercise 9: Error Logging and syslogd (Part 1) Part 1: Working with the error log

Error Notification Methods ODM-Based: /etc/objrepos/errnotify Error Notification Concurrent Error Logging: errpt -c > /dev/console Self-made Error Notification

Self-made Error Notification #!/usr/bin/ksh errpt > /tmp/errlog.1 while true do sleep 60 # Let's sleep one minute done errpt > /tmp/errlog.2 # Compare the two files. # If no difference, let's sleep again cmp -s /tmp/errlog.1 /tmp/errlog.2 && continue # Files are different: Let's inform the operator: print "Operator: Check error log " > /dev/console errpt > /tmp/errlog.1

ODM-based Error Notification: errnotify errnotify: en_pid = 0 en_name = "sample" en_persistenceflg = 1 en_label = "" en_crcid = 0 en_class = "H" en_type = "PERM" en_alertflg = "" en_resource = "" en_rtype = "" en_rclass = "disk" en_method = "errpt -a -l $1 mail -s DiskError root"

syslogd Daemon /etc/syslog.conf: daemon.debug /tmp/syslog.debug syslogd /tmp/syslog.debug: inetd[16634]: A connection requires tn service inetd[16634]: Child process 17212 has ended # stopsrc -s inetd # startsrc -s inetd -a "-d" Provide debug information

syslogd Configuration Examples /etc/syslog.conf: auth.debug /dev/console All security messages to the system console mail.debug /tmp/mail.debug Collect all mail messages in /tmp/mail.debug daemon.debug /tmp/daemon.debug *.debug; mail.none @server Collect all daemon messages in /tmp/daemon.debug Send all messages, except mail messages, to host server After changing /etc/syslog.conf: # refresh -s syslogd

Redirecting syslog Messages to Error Log /etc/syslog.conf: *.debug errlog Redirect all syslog messages to error log # errpt IDENTIFIER TIMESTAMP T C RESOURCE_NAME DESCRIPTION... C6ACA566 0505071399 U S syslog MESSAGE REDIRECTED FROM SYSLOG...

Directing Error Log Messages to syslogd errnotify: en_name = "syslog1" en_persistenceflg = l en_method = "logger Error Log: `errpt -l $1 grep -v TIMESTAMP`" errnotify: en_name = "syslog1" en_persistenceflg = l en_method = "logger Error Log: $(errpt -l $1 grep -v TIMESTAMP)" Direct the last error entry (-l $1) to the syslogd. Do not show the error log header (grep -v) or (tail -1). errnotify: en_name = "syslog1" en_persistenceflg = l en_method = "errpt -l $1 tail -1 logger -t errpt -p daemon.notice"

Checkpoint 1. Which command generates error reports? Which flag of this command is used to generate a detailed error report? 4. Which type of disk error indicates bad blocks? 6. What do the following commands do? errclear errlogger What does the following line in /etc/syslog.conf indicate? *.debug errlog 12. What does the descriptor en_method in errnotify indicate?

Checkpoint Solutions 1. Which command generates error reports? Which flag of this command is used to generate a detailed error report? errpt errpt -a 4. Which type of disk error indicates bad blocks? DISK _ ERR4 6. What do the following commands do? errclear Clears entries from the error log. errlogger Is used by root to add entries into the error log. What does the following line in /etc/syslog.conf indicate? *.debug errlog All syslogd entries are directed to the error log. 12. What does the descriptor en_method in errnotify indicate? It specifies a program or command to be run when an error matching the selection criteria is logged.

Exercise 9: Error Logging and syslogd (Part 2) Part 2: Working with syslogd Part 2: Error notification with errnotify

Unit Summary Use the errpt (smit errpt) command to generate error reports Different error notification methods are available Use smit errdemon and smit errclear to maintain the error log Some components use syslogd for error logging The syslogd configuration file is /etc/syslog.conf You can redirect syslogd and error log messages

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information