HPE Community
Operating System - HP-UX
1761317 Members
3933 Online
108901 Solutions
New Discussion юеВ

Event IDs and Signatures

 
Praveen_28
New Member

тАО08-11-2005 09:12 PM

тАО08-11-2005 09:12 PM

Event IDs and Signatures

Hi All
Can anyone please provide the detailed list of the types of EVENT IDs and the respective SIGNATURES in a HP-UX Operating Environment.
Please reply me as soon as possible. "Edited to comply with ITRC GuideLines"

Thanks in Advance
0 Kudos
Reply
7 REPLIES 7
saju_2
Respected Contributor

тАО08-11-2005 09:49 PM

тАО08-11-2005 09:49 PM

Re: Event IDs and Signatures

Hi praveen

Are u refering to the Event Monitoring IDs and its descriptions.??.If so pls check the link below

http://docs.hp.com/en/diag/ems/dm_TL_adapter.htm

Regards
CS
0 Kudos
Reply
Praveen_28
New Member

тАО08-12-2005 12:27 AM

тАО08-12-2005 12:27 AM

Re: Event IDs and Signatures

Thank you for replying me.
And I'm sorry to say that my need has not been fulfilled yet. I'm looking for the list of signatures of the HP-UX system log which will be produced by the system log. In clear like if we had a failed telnet login we will get the event like inetd: failed login from xsystem to ysystem.
I want the signatures of the events like this.
"Edited to comply with ITRC GuideLines"
0 Kudos
Reply
Andrew Merritt_2
Honored Contributor

тАО09-01-2005 10:28 PM

тАО09-01-2005 10:28 PM

Re: Event IDs and Signatures

Are you asking for every possible error that might be logged to syslog, or something more general? I'm not sure what you mean by 'signatures'.

Perhaps if you mentioned what you'll be doing with the information it will help someone to answer the question.

Andrew
0 Kudos
Reply
Praveen_28
New Member

тАО09-12-2005 05:04 PM

тАО09-12-2005 05:04 PM

Re: Event IDs and Signatures

Hi
I want every possible error message that will logged into to syslog and the 'signatures' of such error messages.
Signatures in my sense are something like if there are some failed logins in the syslog such as ftp failed login telnet, failed login, these failed logins will comes under the signature called Failed Login. The nature of the event in the syslog can be termed as Signature. If you found the log messages and the signatures please reply me asap.
0 Kudos
Reply
Thayanidhi
Honored Contributor

тАО09-12-2005 06:26 PM

тАО09-12-2005 06:26 PM

Re: Event IDs and Signatures

Hi Praveen,
Each application/service may log to syslog with their own format. It would be highly impossible to collect all the common text (signature in your lang). If you are interested in telnet and ftp only, you can enable logging of inetd by running "inetd -l" see man page for more details. Please note enabling this will fillup syslog.log very fast. monitor and trim the log file.
To disable logging run again "inetd -l"

You can also "watch" the systems for some time to capture thoses texts, but won't be complete always. Some times after a patch the log may look different!

Regards
TT
Attitude (not aptitude) determines altitude.
0 Kudos
Reply
Praveen_28
New Member

тАО09-12-2005 10:10 PM

тАО09-12-2005 10:10 PM

Re: Event IDs and Signatures

Hi Thayanidi,

Thanks for the reply. I am actually developing an application that analyzes the logs trapped by syslog and reports the events to the user depending on the predefined complexity/taxonomy levels.

Please let me know, how can i get the list of all possible logs in HP-UX. I believe some how or the other we can get this information by analyzing the common entries logged to syslog file.


Thanks,
Praveen

0 Kudos
Reply
Thayanidhi
Honored Contributor

тАО09-13-2005 02:02 AM

тАО09-13-2005 02:02 AM

Re: Event IDs and Signatures

Hi,
Hope you heared about Openview Operation product, which does the same what you are looking for. There are SPIs (Smart plug ins) which has pre-defined pattern matching and monitoring tools. I am not sure how the above information will help you! keep hunting.

http://openview.hp.com/products/ovoux/index.html

Regds
TT
Attitude (not aptitude) determines altitude.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.