OpenVMS - Syslog Client for Installation & Configuration
OPC_SYSLOG
Syslog Client for OpenVMS
OPC_SYSLOG is used to read OpenVMS OPCOM messages and to transfer
them to a SYSLOG server
Installation
OPC_SYSLOG is supplied as an OpenVMS kit and is installed with
VMSINSTAL. The installation procedure asks for Device and Directory where
OPC_SYSLOG should be installed. The rest of the installation is done
automatically.
So that OPC_SYSLOG is started automatically after a reboot of the OpenVMS machine, the OPC_SYSLOG startup command file OPC_SYSLOG_STARTUP.COM must either be entered in SYS $ MANAGER: SYSTARTUP_VMS.COM or in the SYSMAN data file. OPC_SYSLOG should be started as early as possible after a reboot. However, it must be ensured that TCPIP has already been started on the OpenVMS computer at this time.
So that OPC_SYSLOG is started automatically after a reboot of the OpenVMS machine, the OPC_SYSLOG startup command file OPC_SYSLOG_STARTUP.COM must either be entered in SYS $ MANAGER: SYSTARTUP_VMS.COM or in the SYSMAN data file. OPC_SYSLOG should be started as early as possible after a reboot. However, it must be ensured that TCPIP has already been started on the OpenVMS computer at this time.
Starting
and stopping OPC_SYSLOG
The two command files OPC_SYSLOG_STARTUP.COM and
OPC_SYSLOG_SHUTDWN.COM are used to start or stop OPC_SYSLOG
Start OPC_SYSLOG
To start OPC_SYSLOG, the startup command file
OPC_SYSLOG_STARTUP.COM is called without parameters
$ @ SYS $ STARTUP: OPC_SYSLOG_STARTUP
Define the OPC_SYSLOG Logicals
OPC_SYSLOG knows static and dynamic parameters. The dynamic
parameters are designated as such in the startup command file. If only a
dynamic parameter is adjusted, it is sufficient to redefine the OPC_SYSLOG
Logicals. This is done by starting the startup command file with the
DEFLNM parameter
$ @ SYS $ STARTUP: OPC_SYSLOG_STARTUP DEFLNM
If static parameters are changed, OPC_SYSLOG must be restarted.
Restart of OPC_SYSLOG
After adapting the static parameters in the startup command file
OPC_SYSLOG_STARTUP.COM, OPC_SYSLOG must be restarted. This is done by
starting the startup command file with the RESTART parameter
$ @ SYS $ STARTUP: OPC_SYSLOG_STARTUP RESTART
Stop OPC_SYSLOG
OPC_SYSLOG must be stopped in a controlled manner. It is not
recommended to stop OPC_SYSLOG with STOP / ID. OPC SYSLOG can be stopped
in two ways:
$ @ SYS $ STARTUP: OPC_SYSLOG_SHUTDWN or $ @ SYS $ STARTUP:
OPC_SYSLOG_STARTUP SHUTDOWN
Configuration
OPC_SYSLOG is already configured after installation. However,
the system manager can make various adjustments himself and adapt OPC_SYSLOG to
the environment
Configuration of OPC_SYSLOG on
the OpenVMS page
All configuration adjustments are made in the startup command file
of OPC_SYSLOG. The individual options are described in the following
sections.
OPC_SYSLOG_ROOT
OPC_SYSLOG_ROOT is a static parameter and describes the
installation location of OPC_SYSLOG. Ideally, OPC_SYSLOG is installed on
the system disk. If, for example, the software is moved to another disc,
the new installation location must be shown here.
$ DEFINE / SYSTEM / EXEC OPC_SYSLOG_ROOT 'DISK': ['Directory']
OPC_SYSLOG_DEBUG
Debugging can be switched on or off with this static
parameter. If this logical 0, no debug information is written. If it
is 1, debug messages are written to the file OPC_SYSLOG_ROOT: OPC_SYSLOG.LOG.
$ DEFINE / SYSTEM / EXEC OPC_SYSLOG_DEBUG 0
OPC_SYSLOG_SERVER
The recipient of the SYSLOG messages is defined by defining the
static parameter OPC_SYSLOG_SERVER. Usually this is a UNIX machine with
syslog Deamon started.
$ DEFINE / SYSTEM / EXEC OPC_SYSLOG_SERVER GENLINUX
OPC_SYSLOG_SERVER_PORT
A syslog server normally listens on port 514. If this is different
for any reason, this can be done by redefining the static parameter
OPC_SYSLOG_SERVER_PORT.
$ DEFINE / SYSTEM / EXEC OPC_SYSLOG_SERVER_PORT 514
OPC_SYSLOG_MESSAGE_TYPE
This dynamic parameter determines the format in which the OPCOM
messages are written to the log file on the syslog server. In the current
version of OPC_SYSLOG, 4 message formats are supported.
$ DEFINE / SYSTEM / EXEC OPC_SYSLOG_MSGTYPE 3
The message formats are described in a
separate section OPC_SYSLOG message format
OPCOM Classes
OpenVMS knows the following OPCOM classes:
CENTRAL, PRINT, TAPES, DISKS, DEVICE, CARDS, NETWORK, CLUSTER, SECURITY, REPLY, SOFTWARE, LICENSE, OPER1 - OPER12
Each of these OPCOM classes can be transferred from OPC_SYSLOG to the Syslog server. Which classes are transferred exactly is determined in the OPC_SYSLOG startup command file in the OPCOM Classes section . This section looks like this in the command file:
CENTRAL, PRINT, TAPES, DISKS, DEVICE, CARDS, NETWORK, CLUSTER, SECURITY, REPLY, SOFTWARE, LICENSE, OPER1 - OPER12
Each of these OPCOM classes can be transferred from OPC_SYSLOG to the Syslog server. Which classes are transferred exactly is determined in the OPC_SYSLOG startup command file in the OPCOM Classes section . This section looks like this in the command file:
$! Opcom Classes<
$! -------------
$! 0=disabled, 1=enabled
$!
$ CENTRAL = 1
$ PRINT = 1
$ TAPES = 1
$ DISKS = 1
$ DEVICE = 1
$ CARDS = 1
$ NETWORK = 1
$ CLUSTER = 1
$ SECURITY = 1
$ REPLY = 1
$ SOFTWARE = 1
$ LICENSE = 1
$ OPER1 = 1
$ OPER2 = 1
$ OPER3 = 1
$ OPER4 = 1
$ OPER5 = 1
$ OPER6 = 1
$ OPER7 = 1
$ OPER8 = 1
$ OPER9 = 1
$ OPER10 = 1
$ OPER11 = 1
$ OPER12 = 1
If the OPCOM classes are configured as in the example above, all
messages are transferred to the Syslog server.
Syslog message facility
According to RFC3164, the following facilities are defined:
SYSLOG Message Facility RFC 3164 --------------------------------
Numerical Facility
Code
0 kernel messages
1 user-level messages
2 mail system
3 system daemons
4 security/authorization messages (note 1)
5 messages generated internally by syslogd
6 line printer subsystem
7 network news subsystem
8 UUCP subsystem
9 clock daemon (note 2)
10 security/authorization messages (note 1)
11 FTP daemon
12 NTP subsystem
13 log audit (note 1)
14 log alert (note 1)
15 clock daemon (note 2)
16 local use 0 (local0)
17 local use 1 (local1)
18 local use 2 (local2)
19 local use 3 (local3)
20 local use 4 (local4)
21 local use 5 (local5)
22 local use 6 (local6)
23 local use 7 (local7)
Numerical Facility
Code
0 kernel messages
1 user-level messages
2 mail system
3 system daemons
4 security/authorization messages (note 1)
5 messages generated internally by syslogd
6 line printer subsystem
7 network news subsystem
8 UUCP subsystem
9 clock daemon (note 2)
10 security/authorization messages (note 1)
11 FTP daemon
12 NTP subsystem
13 log audit (note 1)
14 log alert (note 1)
15 clock daemon (note 2)
16 local use 0 (local0)
17 local use 1 (local1)
18 local use 2 (local2)
19 local use 3 (local3)
20 local use 4 (local4)
21 local use 5 (local5)
22 local use 6 (local6)
23 local use 7 (local7)
The dynamic parameter OPC_SYSLOG_FACILITY determines which facility
should be addressed on the syslog server
$ OPC_SYSLOG_FACILITY = 1! (dynamic)
Syslog severities
SYSLOG Severities RFC 3164
--------------------------
Numerical Severity
Code
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
--------------------------
Numerical Severity
Code
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
The severity with which OPC_SYSLOG sends its messages to the
syslog server is determined by the dynamic parameter OPC_SYSLOG_SEVERITY.
$ OPC_SYSLOG_SEVERITY = 4! (dynamic)
OPC_SYSLOG message formats
Usually a syslog message consists of only one line. However,
OPCOM generates multi-line messages. OPC_SYSLOG can transmit OPCOM
messages to the syslog server as 1-line messages (format 4) or format the
messages so that they can be displayed on the syslog server on several lines and
in 3 variants (format 1-3)
OPC_SYSLOG_MSGTYPE 1
OPC_SYSLOG sends a message to the syslog server for each OPCOM
message line
Jul 6 13:55:41 obelix %%%%%%%%%%% OPCOM JUL-2007 13: 55: 41.76
%%%%%%%%%%%
Jul 6 13:55:41 obelix Message from user AUDIT $ SERVER on OBELIX
Jul 6 13:55:41 obelix Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 13:55:41 obelix Auditable event: Batch process logout
Jul 6 13 : 55: 41 obelix Event time: 6-JUL-2007 13: 55: 41.76
Jul 6 13:55:41 obelix PID: 20218531
Jul 6 13:55:41 obelix Process name: BATCH_637
Jul 6 13:55:41 obelix Username : GENI
Jul 6 13:55:41 obelix Process owner: [GENI]
Jul 6 13:55:41 obelix Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 13:55:41 obelix Posix UID: -2
Jul 6 13:55:41 obelix Posix GID: -2 (% XFFFFFFFE)
Jul 6 13:55:51 obelix %%%%%%%%%%% OPCOM
Jul 6, 2007 1:55 pm : 51.87 %%%%%%%%%%% Jul 6 1:55:51 pm obelix Message from user AUDIT $ SERVER on OBELIX
Jul 6 1:55:51 pm obelix Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 13:55:51 obelix Auditable event: Batch process login
Jul 6 13:55:51 obelix Event time: 6-JUL-2007 13: 55: 51.86
Jul 6 13:55:51 obelix PID: 20217432
Jul 6 13:55:51 obelix Process name: BATCH_638
Jul 6 13:55:51 obelix Username: GENI
Jul 6 13:55:51 obelix Process owner: [GENI]
Jul 6 13:55:51 obelix Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 13:55:51 obelix Posix UID: -2
Jul 6 13:55:51 obelix Posix GID: -2 (% XFFFFFFFE)
Jul 6 13:55:41 obelix Message from user AUDIT $ SERVER on OBELIX
Jul 6 13:55:41 obelix Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 13:55:41 obelix Auditable event: Batch process logout
Jul 6 13 : 55: 41 obelix Event time: 6-JUL-2007 13: 55: 41.76
Jul 6 13:55:41 obelix PID: 20218531
Jul 6 13:55:41 obelix Process name: BATCH_637
Jul 6 13:55:41 obelix Username : GENI
Jul 6 13:55:41 obelix Process owner: [GENI]
Jul 6 13:55:41 obelix Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 13:55:41 obelix Posix UID: -2
Jul 6 13:55:41 obelix Posix GID: -2 (% XFFFFFFFE)
Jul 6 13:55:51 obelix %%%%%%%%%%% OPCOM
Jul 6, 2007 1:55 pm : 51.87 %%%%%%%%%%% Jul 6 1:55:51 pm obelix Message from user AUDIT $ SERVER on OBELIX
Jul 6 1:55:51 pm obelix Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 13:55:51 obelix Auditable event: Batch process login
Jul 6 13:55:51 obelix Event time: 6-JUL-2007 13: 55: 51.86
Jul 6 13:55:51 obelix PID: 20217432
Jul 6 13:55:51 obelix Process name: BATCH_638
Jul 6 13:55:51 obelix Username: GENI
Jul 6 13:55:51 obelix Process owner: [GENI]
Jul 6 13:55:51 obelix Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 13:55:51 obelix Posix UID: -2
Jul 6 13:55:51 obelix Posix GID: -2 (% XFFFFFFFE)
OPC_SYSLOG_MSGTYPE 2
Like OPC_SYSLOG_MSGTYPE 1. However, "-" is added in
front of a message from the second line.
Jul 6 14:00:27 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 00: 27.03
%%%%%%%%%%%
Jul 6 14:00:27 obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:00:27 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:00:27 obelix - Auditable event: Batch process logout
Jul 6 14:00:27 obelix - Event time: 6-JUL-2007 14: 00: 27.03
Jul 6 14:00:27 obelix - PID: 2021ED5F
Jul 6 14:00:27 obelix - Process name: BATCH_653
Jul 6 14 : 00: 27 obelix - Username: GENI
Jul 6 14:00:27 obelix - Process owner: [GENI]
Jul 6 14:00:27 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:00:27 obelix - Posix UID: -2
Jul 6 14:00:27 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 14:00:28 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 00: 28.30 %%%%%%%%%%%
Jul 6 14:00:28 obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:00:28 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:00:28 obelix - Auditable event: Batch process logout
Jul 6 14:00:28 obelix - Event time: 6-JUL-2007 14: 00: 28.30
Jul 6 14:00:28 obelix - PID: 2021FA5A
Jul 6 14:00:28 obelix - Process name: BATCH_647
Jul 6 14:00:28 obelix - Username: SYSTEM
Jul 6 14:00:28 obelix - Process owner: [SYSTEM]
Jul 6 14:00:28 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:00:28 obelix - Posix UID: -2
Jul 6 14:00:28 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 14:00:27 obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:00:27 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:00:27 obelix - Auditable event: Batch process logout
Jul 6 14:00:27 obelix - Event time: 6-JUL-2007 14: 00: 27.03
Jul 6 14:00:27 obelix - PID: 2021ED5F
Jul 6 14:00:27 obelix - Process name: BATCH_653
Jul 6 14 : 00: 27 obelix - Username: GENI
Jul 6 14:00:27 obelix - Process owner: [GENI]
Jul 6 14:00:27 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:00:27 obelix - Posix UID: -2
Jul 6 14:00:27 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 14:00:28 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 00: 28.30 %%%%%%%%%%%
Jul 6 14:00:28 obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:00:28 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:00:28 obelix - Auditable event: Batch process logout
Jul 6 14:00:28 obelix - Event time: 6-JUL-2007 14: 00: 28.30
Jul 6 14:00:28 obelix - PID: 2021FA5A
Jul 6 14:00:28 obelix - Process name: BATCH_647
Jul 6 14:00:28 obelix - Username: SYSTEM
Jul 6 14:00:28 obelix - Process owner: [SYSTEM]
Jul 6 14:00:28 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:00:28 obelix - Posix UID: -2
Jul 6 14:00:28 obelix - Posix GID: -2 (% XFFFFFFFE)
OPC_SYSLOG_MSGTYPE 3
Like OPC_SYSLOG_MSGTYPE 2. However, an empty line is also written
after each message.
Jul 6 2:02:14 p.m. obelix %%%%%%%%%%% OPCOM JUL-2007
14:02:14:14.65 %%%%%%%%%%%
Jul 6 2:02:14 p.m. obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:02:14 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:02:14 obelix - Auditable event: Batch process login
Jul 6 14:02:14 obelix - Event time: 6-JUL-2007 14: 02: 14.65
Jul 6 14:02:14 obelix - PID: 2021CE67
Jul 6 14:02:14 obelix - Process name: BATCH_654
Jul 6 14 : 02: 14 obelix - Username: SYSTEM
Jul 6 14:02:14 obelix - Process owner: [SYSTEM]
Jul 6 14:02:14 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:02:14 obelix - Posix UID: -2
Jul 6 14:02:14 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 2:02:14 p.m. obelix
Jul 6 2:02:19 p.m. obelix %%%%%%%%%%% OPCOM-JUL-2007 14:02:19:19.19 %%%% %%%%%%%
Jul 6 14:02:19 obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:02:19 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:02:19 obelix - Auditable event: Batch process login
Jul 6 14:02:19 obelix - Event time: 6-JUL-2007 14: 02: 19.18
Jul 6 14:02:19 obelix - PID: 2021FF68
Jul 6 14:02:19 obelix - Process name: BATCH_661
Jul 6 14:02:19 obelix - Username: GENI
Jul 6 14:02:19 obelix - Process owner: [GENI]
Jul 6 14:02:19 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:02:19 obelix - Posix UID: -2
Jul 6 14:02:19 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 14:02:19 obelix
Jul 6 2:02:14 p.m. obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:02:14 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:02:14 obelix - Auditable event: Batch process login
Jul 6 14:02:14 obelix - Event time: 6-JUL-2007 14: 02: 14.65
Jul 6 14:02:14 obelix - PID: 2021CE67
Jul 6 14:02:14 obelix - Process name: BATCH_654
Jul 6 14 : 02: 14 obelix - Username: SYSTEM
Jul 6 14:02:14 obelix - Process owner: [SYSTEM]
Jul 6 14:02:14 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:02:14 obelix - Posix UID: -2
Jul 6 14:02:14 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 2:02:14 p.m. obelix
Jul 6 2:02:19 p.m. obelix %%%%%%%%%%% OPCOM-JUL-2007 14:02:19:19.19 %%%% %%%%%%%
Jul 6 14:02:19 obelix - Message from user AUDIT $ SERVER on OBELIX
Jul 6 14:02:19 obelix - Security alarm (SECURITY) and security audit (SECURITY) on OBELIX, system id: 1027
Jul 6 14:02:19 obelix - Auditable event: Batch process login
Jul 6 14:02:19 obelix - Event time: 6-JUL-2007 14: 02: 19.18
Jul 6 14:02:19 obelix - PID: 2021FF68
Jul 6 14:02:19 obelix - Process name: BATCH_661
Jul 6 14:02:19 obelix - Username: GENI
Jul 6 14:02:19 obelix - Process owner: [GENI]
Jul 6 14:02:19 obelix - Image name: DSA0: [SYS0.SYSCOMMON.] [SYSEXE] LOGINOUT.EXE
Jul 6 14:02:19 obelix - Posix UID: -2
Jul 6 14:02:19 obelix - Posix GID: -2 (% XFFFFFFFE)
Jul 6 14:02:19 obelix
OPC_SYSLOG_MSGTYPE 4
The entire OPCOM message is written on one line.
Jul 6 14:03:40 obelix %%%%%%%%%%% OPCOM 6-JUL-2007 14: 03: 40.67
%%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm
(SECURITY) and
Jul 6 14:03:50 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 03: 50.96 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:01 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 04: 01.04 %%%%%%%%%% % Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:10 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 04: 10.95 %%%%% %%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:11 obelix %%%%%%%%%%% OPCOM 6-JUL-2007 14: 04: 11.33 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:14 obelix %%%%%%%%%%% OPCOM 6-JUL-2007 14: 04: 14.83 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:21 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 04: 21.39 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:03:50 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 03: 50.96 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:01 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 04: 01.04 %%%%%%%%%% % Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:10 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 04: 10.95 %%%%% %%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:11 obelix %%%%%%%%%%% OPCOM 6-JUL-2007 14: 04: 11.33 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:14 obelix %%%%%%%%%%% OPCOM 6-JUL-2007 14: 04: 14.83 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
Jul 6 14:04:21 obelix %%%%%%%%%%% OPCOM JUL-2007 14: 04: 21.39 %%%%%%%%%%% Message from user AUDIT $ SERVER on OBELIX Security alarm (SECURITY) and
This message format is very difficult to read on the Syslog
server. A special program would have to be used to make these messages
more readable.
Configuration on the SYSLOG
server side
This describes what has to be configured on a Red Hat server so
that OPCOM messages can be received by an OpenVMS system
Adjustments to / etc /
sysconfig / syslog
The Syslog Daemon on the Unix side must be started with the -r
option so that messages can be received from other computers in the
network. This adjustment must be made in the file / etc / sysconfig /
syslog and the Deamon restarted.
Adjustments to filters
The syslog server can write messages to different files depending
on the facility and severity. Where a particular message is written is
defined in the file /etc/syslog.conf.
hello where can I find the OPC_SYSLOG tools ?
ReplyDeletePlease follow link : https://vmssoftware.com/products/list/?
ReplyDeleteand search for SYSLOGD is freeware provided by VSI.