- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: off server logging facility
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 04:21 AM
тАО03-09-2006 04:21 AM
off server logging facility
Here is my requirment and hopefully there are some ideas.
It is required that all system events be logged to a tertiary server. The administrators of the primary server cannot have admin privelages to modify the events recorded on the tertiary server.
The above is somewhat the purpose of a centralized syslog server where each server will send log events to and have reviewed by a different party.
Any ideas for the VMS world ? I see there is a syslog daemon available for VMS but getting all of vms to tie into the logger utility may not be possible.
Thanks to all !!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 04:35 AM
тАО03-09-2006 04:35 AM
Re: off server logging facility
SYSLOG server freeware exists for OpenVMS, specifically
a syslogd server is available via the FileServ package.
Archunan
Archie
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 05:17 AM
тАО03-09-2006 05:17 AM
Re: off server logging facility
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 06:33 AM
тАО03-09-2006 06:33 AM
Re: off server logging facility
Audit is requiring system events to be mirrored or logged "off" server. Although the syslog daemon that is ported from UNIX to VMS serves this purpose the next hurdle would be getting VMS to send it's events through the logger command.
If reply/enable could be told to send the messages into the logger command, that might be a way around it.
or
Write DLC to monitor the operator.log and then send each new entry through logger.
or
I see that the reply command will allow for op messages to another node. This might be easiest but the other node would have to be a VMS server admin'd/controlled by another group.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 07:35 AM
тАО03-09-2006 07:35 AM
Re: off server logging facility
I would assume that a requirement of this type would have some "budget dollars" behind it. I recommend looking at ConsoleWorks from TDI <>. Very good product and good people to work with. You have your choice of the usual popular server platforms including VMS. We use it to connect to, monitor and archive the output on serial consoles all around North America. We also send alarms based on "events" that come across consoles. We don't use their syslog or Windows client, but they are available for ConsoleWorks also.
Bill
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 08:29 AM
тАО03-09-2006 08:29 AM
Re: off server logging facility
I have also used Consoleworks at a couple of different sites and it works well. It will allow you to log anything that would normally come across theconsole. Including if someone logs in on the console and does some work. It can be set to watch for specific text strings and trigger events based off the text strings. I also would recommend it.
Phil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 08:40 AM
тАО03-09-2006 08:40 AM
Re: off server logging facility
Not SYSLOG, but check the section "Using a Remote Log File" in "HP OpenVMS Guide to System Security" - it gives a worked example of sending all AUDIT messages to a remote system (using DECnet). The remote file is a second audit journal.
If the SYSLOG thing doesn't already exist, there are mechanisms which would simplify creating a SYSLOG client - use an audit listener mailbox (also in the Guide to System Security a few pages beyond the remote log example). It's just a matter of writing a little program to catch the audit messages from the mailbox, reformat them as SYSLOG packets and toss them out on the wire for the SYSLOG server. (I'd be astonished if someone hasn't already done this).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 09:22 AM
тАО03-09-2006 09:22 AM
Re: off server logging facility
Purely Personal Opinion
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 11:04 AM
тАО03-09-2006 11:04 AM
Re: off server logging facility
I have done this for one of my clients, who had a similar need.
A lot depends on what precisely you are monitoring. There are ways to capture OPCOM and the AUDIT Event streams. It takes some care, but works quite well.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-09-2006 08:06 PM
тАО03-09-2006 08:06 PM
Re: off server logging facility
Like ConsoleWorks, it traps events coming out of OPA0 and can send them via a number of methods, including SNMP, PAGE, EMAIL, TNG, etc.
It's very useful for creating DCL scripts to reply to or act upon OPCOM requests or messages.
Rob.