Logging

Reference: Policy Pages Reference : System settings policies : Logging

Logging

You can configure remote logging servers, log rotation and filtering, and log viewing preferences for the selected system settings policy in the Logging page.

By default, the system rotates each log file every 24 hours or if the file size reaches one Gigabyte uncompressed. You can change this to rotate every week or month and you can rotate the files based on file size.

The automatic rotation of system logs deletes your oldest log file, labeled as Archived log #10, pushes the current log to Archived log # 1, and starts a new current-day log file.

The Logging page contains these groups of settings:

• Logging configuration

• Adding a remote log server

• Adding a new process logging filter

Logging configuration

These configuration options are available under Logging Configuration:

Minimum Severity

Specifies the minimum severity level for the system log messages. The log contains all messages with this severity level or higher. Select one of these levels from the drop-down list:

• Emergency—Unusable system.

• Alert—Action must be taken immediately.

• Critical—Conditions that affect the functionality of the SCC.

• Error—Conditions that probably affect the functionality of the SCC.

• Warning—Conditions that could affect the functionality of the SCC, such authentication failures.

• Notice—Normal but significant conditions, such as a configuration change. This is the default setting.

• Info—Informational messages that provide general information about system operations.

This control applies to the system log only. It doesn’t apply to the user log.

Maximum Number of Log Files

Specifies the maximum number of logs to store. The default value is 10.

Lines Per Log Page

Specifies the number of lines per log page. The default value is 100.

Rotate Based On

Specifies one of these rotation options:

• Time—Select Day, Week, or Month from the drop-down list.

• Disk Space—Specify how much disk space, in megabytes, the log uses before it rotates. The default value is 16MB.

The log size of the log file is only checked on 10-minute intervals.

Adding a remote log server

You must first add a certificate and key on the Logging appliance page for each log server being configured.

Add a New Log Server:

Server IP or Hostname

Specifies the server IP address or hostname of the remote log server.

Minimum Severity

Specifies the minimum severity level for the log messages. The log contains all messages with this severity level or higher. Select one of these levels from the drop-down list:

• Emergency—Unusable system.

• Alert—Action must be taken immediately.

• Critical—Conditions that affect the functionality of the SCC.

• Error—Conditions that probably affect the functionality of the SCC.

• Warning—Conditions that could affect the functionality of the SCC, such authentication failures.

• Notice—Normal but significant conditions, such as a configuration change. This is the default setting.

• Info—Informational messages that provide general information about system operations.

Enable Secure Connection

Enables secure remote logging. A log certificate must be installed before a secure remote logging server can be enabled.

Adding a new process logging filter

These configuration options are available:

Add a New Process Logging Filter

Displays the controls to add a new process logging filter.

Process

Specifies one of these settings from the drop-down list:

• alarmd—Alarm manager

• cifs—CIFS Optimization

• cmcfc—SCC Auto-registration Utility

• rgp—SCC Connector

• rgpd—SCC Connection Manager

• cli—Command-line interface

• mgmtd—Device Control and Management

• http—HTTP Optimization

• hald—Hardware Abstraction Daemon

• notes—Lotus Notes Optimization

• mapi—MAPI Optimization

• nfs—NFS Optimization

• pm—Process Manager

• qosd—QoS Classification

• sched—Process Scheduler

• ssl—SSL optimization.

• virt_wrapped—RSP VMware Interface

• rspd—RSP Watchdog

• statsd—Statistics Collector

• wdt—Watchdog Timer

• webasd—Web Application Process

• domain_auth—Windows Domain Authentication

Minimum Severity

Specifies one of these settings from the drop-down list:

• Emergency—Unusable system.

• Alert—Action must be taken immediately.

• Critical—Conditions that affect the functionality of the SCC.

• Error—Conditions that probably affect the functionality of the SCC.

• Warning—Conditions that could affect the functionality of the SCC, such authentication failures.

• Notice—Normal but significant conditions, such as a configuration change. This is the default setting.

• Info—Informational messages that provide general information about system operations.

Add

Adds a new process.