- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: syslog -- centralised log server
Operating System - HP-UX
1748117
Members
3662
Online
108758
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-30-2011 08:37 PM
тАО05-30-2011 08:37 PM
syslog -- centralised log server
Hi,
Centralised log server has been created in our environment for all Linux and HP Unix Servers in our environment.
It is working fine for all the linux systems except HP Unix servers. I have given follwoing entries in /etc/syslog.conf
*.info;mail.none @192.1.10.18
where 192.1.10.18 is centralised log server IP.
Centralised log server and the other systems are in different network subnet.
For testing i have created an another HP Unix server as centralised log server in the same subnet of other HP Unix servers. Then it is working fine. Problem is with different subnet which is separated by firewall. Firewall team is saying they were not receiving any request in firewall log.
What will be the cause of the issue?
Manoj K
Centralised log server has been created in our environment for all Linux and HP Unix Servers in our environment.
It is working fine for all the linux systems except HP Unix servers. I have given follwoing entries in /etc/syslog.conf
*.info;mail.none @192.1.10.18
where 192.1.10.18 is centralised log server IP.
Centralised log server and the other systems are in different network subnet.
For testing i have created an another HP Unix server as centralised log server in the same subnet of other HP Unix servers. Then it is working fine. Problem is with different subnet which is separated by firewall. Firewall team is saying they were not receiving any request in firewall log.
What will be the cause of the issue?
Manoj K
Thanks and Regards,
Manoj K
Manoj K
- Tags:
- syslog
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-30-2011 10:01 PM
тАО05-30-2011 10:01 PM
Re: syslog -- centralised log server
Does a ping to the 192.1.10.18 works?
Do you have multiple gateways?
Does your system have multiple interfaces in the same subnet?
netstat -ni
netstat -nrv
probably you can try a nettl trace at link layer ( with option -m 100 to limit the size)
then try a ping , and something which produce syslog output,
Do you have multiple gateways?
Does your system have multiple interfaces in the same subnet?
netstat -ni
netstat -nrv
probably you can try a nettl trace at link layer ( with option -m 100 to limit the size)
then try a ping , and something which produce syslog output,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-30-2011 10:34 PM
тАО05-30-2011 10:34 PM
Re: syslog -- centralised log server
Have you checked the syntax of your syslog.conf file - made sure it doesn't contain any spaces, just tabs?
HTH
Duncan
I am an HPE Employee
HTH
Duncan
I am an HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-31-2011 12:21 AM
тАО05-31-2011 12:21 AM
Re: syslog -- centralised log server
Can your HP-UX systems communicate with anything else outside their own subnet?
If they can't (or you haven't had a reason to test until now), you should be aware of the Dead Gateway Detection system of HP-UX.
By default, HP-UX expects that a gateway should answer to pings. If it doesn't, HP-UX thinks the gateway has died and stops trying to use it.
Sometimes, network administrators configure their gateways to not answer to pings - this is rather common when the gateway is also the firewall.
Please run:
# ndd -get /dev/ip ip_ire_gw_probe
If it responds "1", then the Dead Gateway Detection is enabled.
To disable it, run:
ndd -set /dev/ip ip_ire_gw_probe 0
(If the Dead Gateway Detection has already disabled your access to the default gateway, you would have to delete and re-add the gateway route entry to "refresh" it.)
If this fixes your problem, add this to your /etc/rc.config.d/nddconf file to make it persistent:
TRANSPORT_NAME[0]=ip
NDD_NAME[0]=ip_ire_gw_probe
NDD_VALUE[0]=0
(Note: if you have other settings in your nddconf file, remember to adjust the number inside the [brackets] so it does not overlap with the numbers of the other settings.)
MK
If they can't (or you haven't had a reason to test until now), you should be aware of the Dead Gateway Detection system of HP-UX.
By default, HP-UX expects that a gateway should answer to pings. If it doesn't, HP-UX thinks the gateway has died and stops trying to use it.
Sometimes, network administrators configure their gateways to not answer to pings - this is rather common when the gateway is also the firewall.
Please run:
# ndd -get /dev/ip ip_ire_gw_probe
If it responds "1", then the Dead Gateway Detection is enabled.
To disable it, run:
ndd -set /dev/ip ip_ire_gw_probe 0
(If the Dead Gateway Detection has already disabled your access to the default gateway, you would have to delete and re-add the gateway route entry to "refresh" it.)
If this fixes your problem, add this to your /etc/rc.config.d/nddconf file to make it persistent:
TRANSPORT_NAME[0]=ip
NDD_NAME[0]=ip_ire_gw_probe
NDD_VALUE[0]=0
(Note: if you have other settings in your nddconf file, remember to adjust the number inside the [brackets] so it does not overlap with the numbers of the other settings.)
MK
MK
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP