Subject: How to enable syslog daemon and how to read the syslog messages

Date last updated: 31-Mar-1998

This material is an update to "Chapter 14. Ongoing Maintenance",
last section in that chapter.

ERRORS
______

Errors encountered by CMVC and the Data Base Management System are
recorded in the syslog facility when the syslog is activated. If syslog
is not activated, error messages are sent to the console of the CMVC
server workstation. Since multiple families may be supported by a single
CMVC server, the messages logged in syslog may pertain to multiple
families.

It is important to activate the syslog daemon so that CMVC errors and
database errors can be logged for subsequent problem resolution.

To activate the syslog daemon do the following:

  1. Use the touch command to create the log file if it does not exist.

     For example in AIX:       touch /var/spool/syslog
     For example in HP-UX 9:   touch /usr/adm/syslog
     For example in HP-UX 10:  touch /usr/adm/syslog/syslog.log
     For example in Solaris:   touch /usr/adm/messages
     For example in SunOS:     touch /usr/adm/messages

  2. When creating the log file, set permissions according to the
     directions for the operating system; for example in AIX, the
     permissions for /usr/spool/syslog should be read-write for owner
     and group, and read for others, with owner root and group system.

     For example in AIX:

       chmod 664 /var/spool/syslog
       chown root /var/spool/syslog
       chgrp system /var/spool/syslog

     For example in HP-UX 9:

       chmod 664 /usr/adm/syslog
       chown root /usr/adm/syslog
       chgrp system /usr/adm/syslog

  3. Edit the /etc/syslog.conf file and add the following line,
     depending on the operating system you are using:

     +------------------+---------------------------------------------+
     | OPERATING SYSTEM | LINE TO BE ADDED                            |
     +------------------+---------------------------------------------+
     | AIX              | *.warning /var/spool/syslog                 |
     +------------------+---------------------------------------------+
     | HP-UX 9          | *.warning /usr/adm/syslog                   |
     +------------------+---------------------------------------------+
     | HP-UX 10         | *.warning /var/adm/syslog/syslog.log        |
     +------------------+---------------------------------------------+
     | SunOS            | *.warning /var/log/syslog                   |
     | or               | *.warning /var/adm/messages                 |
     +------------------+---------------------------------------------+
     | Solaris          | *.warning /var/adm/messages                 |
     +------------------+---------------------------------------------+

     Note: If you are using DB2 and you add entries for both warning
     and errors, each DB2 message will appear twice in the syslog.

  4. Stop and restart syslogd after modifying syslog.conf and creating
     the log file.

     * For example in AIX:

         stopsrc -s syslogd

     * For example in HP (this is enough to re-read the config file):

         kill -HUP `cat /etc/syslog.pid`

     * For Solaris, identify the process id of "syslogd" and then kill:

         ps -ef | grep syslogd  # find the process id for "syslogd", such as 1234
         kill -1 1234           # if that does not work, then try "kill -9 1234"

  5. Start the syslog daemon by issuing the following command,
     depending on the operating system you are using:

     +---------------------------+---------------------------+
     | OPERATING SYSTEM          | FILE                      |
     +---------------------------+---------------------------+
     | AIX                       | "/etc/syslogd"            |
     |                           |                           |
     |                           | NOTE: To stop use:        |
     |                           | "stopsrc -s syslogd"      |
     |                           | and to start use:         |
     |                           | "startsrc -s syslogd"     |
     +---------------------------+---------------------------+
     | HP-UX                     | "/etc/syslogd"            |
     +---------------------------+---------------------------+
     | SunOS                     | "/usr/etc/syslogd"        |
     +---------------------------+---------------------------+
     | Solaris                   | "/usr/sbin/syslogd"       |
     +---------------------------+---------------------------+

  6. Verify that the syslog daemon is running:

     In AIX, Solaris and HP do:  ps -ef | grep syslog
     In SunOS do:                ps -ax | grep syslog

  7. Verify that the syslog daemon is able to write into the syslog
     file. The following test case can help you to determine if the
     syslog has been configured properly:

     a. Log in with a CMVC family id.

     b. Use 'su root' and give a wrong password. This action will add
        a message to the syslog.

     c. If the syslog is properly set and running, then a message
        similar to this one will be added to the syslog:

          Apr 19 10:21:45 hostname su: BAD SU from userid to root at /dev/pts/3

        or

          May 1 09:00:38 oem-hp03 syslog: su : - ttyp1 cmhp3ora-root

  8. If you want to clean up the syslog, you can use the following
     command:

       cp /dev/null ******************   => use the appropriate name

NOTE: Refer to the /etc/syslog.conf file for the location of the syslog
file. Monitor this file at regular intervals so that any required
maintenance or problem resolution can be performed.

*** end of note ***
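
The file and permission checks from steps 1 to 3 and the failed-su records from step 7 can be verified with a short script. The following shell sketch is an added example, not part of the original CMVC note; the function names are hypothetical, and the demo runs on constructed files in a scratch directory rather than on the real /etc/syslog.conf.

```sh
# Added example (not from the original note): static checks for steps 1-3 and 7.

# Print the log file named by each "*.warning" line of a syslog.conf.
warning_targets() {
    awk '$1 == "*.warning" && $2 ~ /^\// { print $2 }' "$1"
}

# Verify that each target exists and has mode rw-rw-r-- (step 2).
# Prints one finding per file; returns 0 only if every check passes.
check_syslog_setup() {
    targets=$(warning_targets "$1")
    [ -n "$targets" ] || { echo "FAIL: no '*.warning <file>' line in $1"; return 1; }
    rc=0
    for f in $targets; do
        if [ ! -f "$f" ]; then
            echo "FAIL: $f missing (step 1: create it with touch)"; rc=1
            continue
        fi
        mode=$(ls -ld "$f" | awk '{ print $1 }')
        case $mode in
            -rw-rw-r--*) echo "OK: $f $mode" ;;
            *) echo "FAIL: $f is $mode, expected -rw-rw-r--"; rc=1 ;;
        esac
    done
    return $rc
}

# Count failed-su records in either of the two formats shown in step 7c.
count_failed_su() {
    grep -c -e 'su: BAD SU from ' -e 'su : - ' "$1" || true
}

# Demo on constructed files in a scratch directory (nothing under /etc is read).
demo() {
    d=$(mktemp -d) || return 1
    printf '# constructed sample\n*.warning\t%s\n' "$d/syslog" > "$d/syslog.conf"
    touch "$d/syslog"; chmod 666 "$d/syslog"
    check_syslog_setup "$d/syslog.conf" || echo "(world-writable log rejected)"
    chmod 664 "$d/syslog"
    check_syslog_setup "$d/syslog.conf"
    cat > "$d/syslog" <<'EOF'
Apr 19 10:21:45 hostname su: BAD SU from userid to root at /dev/pts/3
May  1 09:00:38 oem-hp03 syslog: su : - ttyp1 cmhp3ora-root
May  1 09:05:00 oem-hp03 syslog: constructed unrelated message
EOF
    echo "failed su records: $(count_failed_su "$d/syslog")"
    rm -rf "$d"
}
demo
```

To check a real system, call check_syslog_setup /etc/syslog.conf and then count_failed_su on the log file it reports.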