Configuring the Log File | Apple Mac OS X Server instruction

Configuring System Logging	17

In this chapter you will find commands you can use to configure and manage system logging.

Logging System Events

Logs are text files that form a record of what has occurred on the system, much like a journal.

Configuring the Log File

Log files are maintained in the /Library/Logs/ and /var/log/ folders. Some commonly monitored log files include console.log and system.log. Applications may have their own log files located in different folders. Console.log is located in /Library/Logs/ Console/uid, where uid is the user ID. The console.log file contains recent console activity. System.log is located in /var/log/ and contains all system activity, including console log information.

Configuring Your System Logging

The configuration file for the system logging daemon, syslogd, is /etc/syslog.conf. Each line within /etc/syslog.conf consists of text containing three types of data:

ÂFacility: categories of log messages. The standard facilities include mail, news, user, and kern (kernel).

ÂPriority: urgency of the message. In order from least to most critical, they are: debug, info, notice, warning, err, crit, alert, and emerg. The priority of the log message is set by the application sending it, not by syslogd.

ÂAction: specifies what to do with a log message of a specific facility and priority. Messages can be sent to files, named pipes, devices, or to a remote host.

The following example line specifies that for any log messages in the category mail, with a priority of emerg or higher, the message will be written to the /var/log/mail.log file:

mail.emerg /var/log/mail.log

281

Image 281

Apple Mac OS X Server manual Configuring the Log File, Configuring Your System Logging

Contents

Mac OS X Server Apple Computer, Inc Apple Computer, Inc. All rights reserved Contents Locating Computers for Installation Installing Server SoftwareSpecifying the Target Computer Volume Preparing the Target Volume for a Clean Installation Configuring Network Interfaces Setting Network PreferencesViewing or Changing Media Settings Managing Network Port Configurations Mounting and Unmounting Volumes Working with Disks and VolumesMounting Volumes Unmounting Volumes 141 Listing Connected Users 142 163 171 214 Apache Tomcat JBoss Server 215 MySQL Database Contents 265 Configuring the Active Directory Plug-In Index AppendixGlossary Contents About This Guide Commands and Other Terminal Text Using This GuideCommand Parameters and Options Understanding Notation Conventions Commands Requiring Root Privileges Default Settings Create and manage users, groups, and computer lists. Set up Install Mac OS X Server and set it up for the first timeThis guide Tells you how to Earlier versions of the server Set up and manage QuickTime streaming services Manage directory and authentication services This guide Tells you how to Opening Terminal Executing Commands Path string Description Specifying Files and FoldersTest.c file in the current folder Folder Redirect Description Modifying Flow ControlRedirecting Input and Output Following command in a Terminal window Using Environment Variables Executing Commands and Running Tools Repeating Commands Correcting Typing ErrorsIncluding Paths Using Drag and Drop Searching for Text Within a File Scheduling Tasks Terminating CommandsAn example of a configured crontab file To access a man Sending Commands to a Remote ComputerViewing Command Information $ hdiutil help $ dig -h $ diff --help Executing Commands How SSH Works Understanding Secure Shell Password-Less Logins Using SSH Keys Updating SSH Key Fingerprints Controlling Access to SSH Service What is an SSH Man-in-the-Middle Attack? Using SSH Connecting to a Remote ComputerTo access a remote computer using ssh You’re prompted for the user’s password To enable Telnet access Using TelnetTo disable Telnet access To access a remote computer using telnet To use installer to install Mac OS X Server software Installing Server Software Locating Computers for Installation Preparing the Target Volume for a Clean Installation Specifying the Target Computer VolumeTo list volumes available for server software To list computers on the local network Restarting After Installation Automating Server SetupInstalling from Multiple CDs To save a configuration file during server setup Creating a Configuration File Installing Server Software and Finishing Basic Setup Customizing a Configuration File Working with an Encrypted Configuration FileTo provide a passphrase in a file To provide a passphrase interactively Sample Configuration File Installing Server Software and Finishing Basic Setup Installing Server Software and Finishing Basic Setup Storing a Configuration File in an Accessible Location Configuring the Server Remotely from the Command Line Using the serveradmin Tool Changing Server SettingsUsing the serversetup Tool General and Network Preferences Viewing, Validating, and Setting the Software Serial NumberTo display the server’s software serial number To set the server software serial number To install an update To check for available updatesUpdating Server Software To validate a server software serial number Moving a Server Installing Server Software and Finishing Basic Setup Automatic Restart Restarting a ComputerTo restart the local computer To restart a remote computer immediately Manipulating Open Firmware Nvram Variables Changing a Remote Computer’s Startup DiskShutting Down a Computer Folder Usage Monitoring and Restarting Critical Services Restarting or Shutting Down a Computer Viewing or Changing the Date and Time Viewing or Changing the Computer NameTo display the computer name To change the computer name Viewing or Changing the System Time Viewing or Changing the System DateViewing or Changing the System Time Zone Viewing or Changing Network Time Server Usage Viewing or Changing Automatic Restart Settings Viewing or Changing the Energy Saver SettingsViewing or Changing Sleep Settings Viewing or Changing the Startup Disk Settings Changing the Power Management Settings Viewing or Changing the International Settings Viewing or Changing the Sharing SettingsViewing or Changing Remote Login Settings Viewing or Changing Apple Event Response To view the current setting Viewing and Changing the Login SettingsDisables the buttons and 1 enables the buttons Configuring Network Interfaces Setting Network Preferences Viewing or Changing MTU Values Managing Network Interface InformationViewing Port Names and Hardware Addresses Viewing or Changing Media Settings Managing Network Port ConfigurationsCreating or Deleting Port Configurations Activating Port Configurations Changing a Server’s IP Address Managing TCP/IP SettingsTo change the order of the port configurations To change the IP address of a standalone server To change a server’s IP addressRun the changeip tool To view TCP/IP settings for port en0 To list TCP/IP settings for a configurationTo view TCP/IP settings for a particular port or device To change TCP/IP settings for a particular port or device Viewing or Changing DNS Servers Ieee 802.3ad Ethernet Link Aggregation Enabling TCP/IPWorking with VLANs Configuring Ethernet Link Aggregation Configuring a Network Interface Managing Snmp Settings Managing AppleTalk Settings Open the /etc/hostconfig file Locate the line Installing SnmpStarting Snmp Immediately above it, add this line To start the snmp agent manually Configuring SnmpTo identify the process id To stop snmpd To view the snmp.conf file Collecting Snmp Information from the HostTo start snmpd, execute this as root Other options in the menu you were working in are Viewing or Changing FTP Proxy Settings Managing Proxy Settings Viewing or Changing Secure Web Proxy Settings Viewing or Changing Web Proxy SettingsViewing or Changing Streaming Proxy Settings Viewing or Changing Gopher Proxy Settings Viewing or Changing Proxy Bypass Domains Managing AirPort SettingsViewing or Changing Socks Firewall Proxy Settings Hostname Managing the Computer, Host, and Bonjour NamesComputer Name Command displays 0 if the name was changed Managing Preference Files and the Configuration DaemonBonjour Name To display the server’s Bonjour name To get the hostname of a system Changing Network LocationsTo set the hostname of a system Computer will respond with output similar to the following This example, the network location will switch to AirPortTo view the current locations Understanding Disks, Partitions, and the File System Mounting and Unmounting Volumes Unmounting Volumes Mounting VolumesTo unmount a volume To view a list of currently mounted file systems Displaying Disk Information To enable diskspacemonitorMonitoring Disk Space To display disk information Reclaiming Disk Space Using Log-Rolling Scripts Erasing, Modifying, Verifying, and Repairing Disks To erase and repartition a disk To get mount info about a partitionTo mount a drive Command Description To format a Mac OS Extended volume as case-sensitive HFS+Partitioning and Formatting Disks Partitioning a Disk Labeling a Disk Checking for Disk ProblemsFormatting a Disk To fomat a disk Enabling Journaling for an Existing Volume Checking to See If Journaling is EnabledTo see if journaling is enabled To enable journaling Understanding Spotlight Technology Enabling Journaling When You Erase a DiskDisabling Journaling Enabling and Disabling Spotlight Performing Spotlight Searches To enable Spotlight on your serverRestart your server To view the metadata of a file Controlling Spotlight Indexing Managing RAID Volumes To repair a failed mirror Imaging and Cloning Volumes Using ASRTo image a boot volume To restore a volume from an image Understanding Accounts Working with Users and Groups Creating a Local Administrator User Account for a Server Administering and Creating AccountsTo create a local administrator user account To create an local administrator user with a specific UID To create a domain administrator user account Creating a Domain Administrator User Account Creating a Nonadministrator User Account Checking a User’s Administrator PrivilegesTo find the Guid of the administrator user To see if a user is a server administrator Specify the user ID, replacing 1234 with the new user’s ID 102 Removing a User Account Retreiving a User’s GuidTo retrieve a user’s Guid Review the Guid for a particular user To prevent a user from logging Revoking a User’s Right to Access His or Her AccountDisable the user account by entering the following command To terminate all of a user’s processes To reenable a user account that is disabled Checking a Server User’s Name, UID, or Password Attribute Description Modifying a User AccountTo change a user account attribute to a new value To create a mobile account Creating a Mobile User Account To flush the cache Managing Home FoldersCreating a User’s Home Folder To create a home folder for a particular user To create a home folder for users in the local domain Administering Group AccountsMounting a User’s Home Folder To mount a user’s shared home directory on an AFP server To add a group account Creating a Group Account To remove a group account You can remove group accounts by using the dscl toolRemoving a Group Account To add a user to a group You can add users to a group using the dscl toolAdding a User to a Group To remove a user from a group You can remove users from a group by using the dscl toolRemoving a User from a Group Review the new settings of the group To verify a nested group Creating and Deleting Nested GroupTo create a nested group To unnest a group Editing Group RecordsTo display the information about a particular group To delete a group Creating a Group Folder Viewing the Workgroup a User Selects at LoginTo create a group folder See the CreateGroupFolder man page for more information To import users and groups Importing Users and Groups Number of attributes in each account record Creating a Character-Delimited User Import FileWriting a Record Description 121 An example user account looks like this Using the StandardUserRecord ShorthandUsing the StandardGroupRecord Shorthand Viewing Permissions Setting PermissionsSome examples of permission settings Use one of the following values to set the permission level Setting the umask for Individual Users See the chmod man page for more information Changing PermissionsUse the chmod tool to change permissions for an item Changing the Owner Securing System AccountsChanging the Group Securing Initial System Accounts Enter the root password when prompted To disable root loginSecuring the Root Account Restricting Use of the sudo Tool Securing Single-User Boot Computer should restart and display the login window Setting Password PolicyTo set the Open Firmware password for increased security To view the global password policy To change a user’s passwordTo set the minimum password length to 5 characters To set a more secure global password policy Finding User Account Information Access the help prompt and enter the command nameSee the pwpolicy man page for more information To query for a user by name 132 Managing Share Points Working with File Services Creating a Share Point Listing Share PointsTo list existing share points To create a share point Modifying a Share Point To change share point settings Starting and Stopping AFP Service Managing the AFP ServiceChecking AFP Service Status Viewing AFP Settings List of AFP Settings Changing AFP SettingsTo change a setting To change several settings Authentication mode. Can be Allow an administrator user to masquerade as another userWhether the AFP service should restart automatically when Location of the error log Login greeting message Record user logins in the activity logLast time the login greeting was set or updated Default = -1unlimited List of AFP serveradmin Commands Value returned by getConnectedUsers Listing Connected UsersTo list connected users Sending a Message to AFP Users Disconnecting AFP UsersTo send a message To disconnect users To cancel a user disconnect Canceling a User DisconnectComputer will repond with the following output Value Description Computer will respond with the following output Listing AFP Service StatisticsTo list service statistic samples To view the latest entries in a log Viewing AFP Log FilesTo display the log paths Value displayed by Starting and Stopping NFS Service Managing the NFS ServiceChecking NFS Service Status Viewing NFS Service Settings Starting FTP Service Managing the FTP ServiceStopping FTP Service Checking FTP Service Status Parameter ftp Description Changing FTP Service SettingsList of FTP Service Settings Displays a banner message that appears when Directory in which the FTP content is storedPrompted to log in to the FTP. Customize to your Own preferences Checking for Connected FTP Users List of FTP serveradmin CommandsViewing the FTP Transfer Log Starting and Stopping SMB/CIFS Service Managing the SMB/CIFS ServiceChecking SMB/CIFS Service Status Viewing SMB/CIFS Service Settings Parameter smb Description Changing SMB/CIFS Service SettingsList of SMB/CIFS Service Settings Advanced pane of Windows service settings in the Server Browser service. Can be set toLow errors and warnings only Medium service start and stop, authentication failures Pane of the Windows service settings in the Server Admin Server’s NetBIOS name. Can be set to a maximumWindows service settings in the Server Admin This corresponds to the Wins Registration Off and Enable Listing SMB/CIFS Users List of SMB/CIFS serveradmin Commands Listing SMB/CIFS Service Statistics Disconnecting SMB/CIFS UsersTo list SMB/CIFS connections Computer responds with the following output Location of the SMB service log Viewing SMB/CIFS Service LogsLocation of the name service log Managing ACLs Following are the permissions applicable to folders Using chmod to Modify ACLsTo grant a user write permission for a file To deny a guest read permission for a file Output should look like the following To view the ACL of a file 160 Understanding the Print Process Working with the Print Service Starting and Stopping Print Service Performing Print Service TasksTo start print service To stop print service Changing Print Service Settings Checking the Status of Print ServiceViewing Print Service Settings Parameter print Description Print Service Settings Parameter printDescription Queue Data Array Following is an example of a queue array parameter block Managing the Print ServiceCommand printcommand= Description Listing Queues Pausing a QueueListing Jobs and Job Information To pause a queue To release the job Holding a JobTo hold a job To obtain a list of available cover pages Viewing Print Service Log FilesViewing Cover Pages 170 Starting and Stopping NetBoot Service Understanding the NetBoot ServiceTo start NetBoot service To stop NetBoot service Changing NetBoot Settings Checking NetBoot Service StatusViewing NetBoot Settings Volume parameter array Changing General Netboot Service SettingsParameter netboot Description Storage Record Array Image Record Array Filters Record Array Port Record Array Enabling NetBoot 1.0 for Older NetBoot ClientsTo enable NetBoot Using hdiutil to Work with System Images Booting from an ImageWorking with System Images Updating an Image Imaging Multiple Clients Using Multicast asr Using asr to Restore System Images To configure a client to receive a multicast stream Choosing a Boot Device Using systemsetup Postfix Agent Understanding the Mail Service Mailman Cyrus Starting and Stopping Mail Service Managing the Mail ServiceChecking the Status of Mail Service Viewing Mail Service Settings Parameter mail Description Mail Service Settings Default = 1s Default = 500sDefault = domain Default = += Default = postfix Default = 0sDefault = 1000s Default = -=+ Default = flush Default = flockDefault = 60s Default = postdrop Default = /usr/bin Default = 10sDefault = mail Default = none Default = 7d Default = smtpDefault = qmgr Default = fcntl Default = showq Default = errorDefault = 5d Default = host Default = active Default = incomingDefault = deferred Default = bounce Default = $home Default = virtualDefault = rewrite Default = 600s Default = hash Default = 30sDefault = Default Default = c Default = auxprop Default = cyrus 193 To list samples Mail serveradmin CommandsListing Mail Service Statistics Default = srvr.log Viewing the Mail Service LogsTo display the log locations Location of the server log Backing Up the Mail Files Reconstructing the Mail Database Enter a key size at the next prompt, and then press Return Setting Up SSL for Mail ServiceGenerating a CSR and Creating a Keychain 199 Obtaining an SSL Certificate Accessing the Server CertificatesImporting an SSL Certificate into the Keychain To import an SSL certificate into the keychain See the certadmin man page for more information Creating a Password FileTo create a password file To list the certificates stored in the System keychain Enabling Sieve Scripting Configuring Mailboxes Reload the mail service To enable Sieve supportEnabling Sieve Support Sample Sieve Scripts Basic Sort and Anti-Junk Mail Filter Script Self-Defined Forwarding Script Sieve Scripting Resources 206 Files Location Understanding Web Technology Starting and Stopping Web Service Managing the Web ServiceChecking Web Service Status Viewing Web Settings Changing Settings Using serveradmin Changing Web SettingsServeradmin and Apache Settings Viewing Service Logs Web serveradmin CommandsViewing Service Statistics Listing Hosted Sites V1-Number of requests per second Value you want to display. Valid valuesV2-Throughput bytes/sec V3-Cache requests per second Addsite.in File Example Script for Adding a WebsiteAddsite File To run the script Tuning the Server Performance Apache Tomcat Working with Application Servers and JavaJBoss Server To start Apache Tomcat MySQL Database To install the default databaseTo start JBoss, enter the following To stop JBoss, enter the following To create a database To set the root passwordTo set the network option To start mysqld Managing Network Services Working with Network Services Starting and Stopping Dhcp Service Managing the Dhcp ServiceChecking the Status of Dhcp Service Viewing Dhcp Service Settings Dhcp Service Settings Changing Dhcp Service SettingsTo see a list of available service settings To change a single Dhcp setting Subnet Parameter Dhcp Subnet Settings ArrayAbout Subnet IDs Not set default General pane of the subnet settings in the ServerWins pane of the subnet settings in the Server Lease time in seconds Adding a Dhcp Subnet Corresponds to the NetBIOS Scope ID field in the WinsTo add a subnet Domain name such as apple.com About Static Map IDs Adding a Dhcp Static MapTo add a static map Viewing the Dhcp Service Log List of Dhcp serveradmin CommandsCommand Dhcpcommand=Description Determine the location of the Dhcp service logs Starting and Stopping the DNS Service Managing the DNS ServiceChecking the Status of DNS Service Viewing DNS Service Settings DNS Service Settings Changing DNS Service SettingsList of DNS serveradmin Commands Viewing the DNS Service Log Managing the Firewall Service Configuring IP Forwarding Checking the Status of Firewall Service Starting and Stopping Firewall ServiceViewing Firewall Service Settings Firewall Startup Parameter ipfilter Description Changing Firewall Service SettingsFirewall Service Settings Adding Rules by Modifying ipfw.conf Defining Firewall RulesIpfilter Groups with Rules Array Unmodified ipfw.conf file Ping cracker.evil.org to determine its IP address Adding Rules Using serveradminTo add a rule An example of this would be similar to the following Ipfilter Rules Array Firewall serveradmin Commands Viewing Firewall Service Log Managing the NAT ServiceUsing Firewall Service to Simulate Network Activity Location of the ipfilter service log Checking the Status of NAT Service Starting and Stopping NAT ServiceViewing NAT Service Settings Changing NAT Service Settings Parameter nat Description NAT Service SettingsNAT serveradmin Commands Port Mapping Viewing the NAT Service Log Starting and Stopping VPN Service Managing the VPN ServiceChecking the Status of VPN Service Viewing VPN Service Settings List of VPN Service Settings Changing VPN Service SettingsDefault = Keychain Default = IPSec Default = L2TP Default = ManualDefault = PPP Default = Dsacl Default = EAP-RSA Default = PptpDefault = Mppe Viewing the VPN Service Log List of VPN serveradmin CommandsVPN Service Log on this Restarted. See Using the serveradmin Tool on Site-to-Site VPN Configuring Site-to-Site VPNLocation of the VPN service log Adding a VPN Keyagent User IP Failover Prerequisites Setting Up IP FailoverIP Failover Operation Hardware Requirements Enabling IP Failover To enable IP failover Pre and Post Scripts Configuring IP FailoverNotification Only Enabling PPP Dial-In Restoring the Default Configuration for Server ServicesTo restore the NAT service to its default configuration Re-create the two default records To restore the Dhcp service to its default configurationTo restore the Qtss service to its default configuration To restore the DNS service to its default configuration To restore the VPN service to its default configuration Understanding Open Directory Using General Directory ToolsTesting Your Open Directory Configuration Changing Open Directory Service Settings Testing Open Directory Plug-insModifying a Directory Domain Registering URLs with SLP PasswordOptionsString Configuring LdapLDAPTimeoutUnits Default = minutes LDAPServerBackend Managing OpenLDAP Tool Used to Configuring slapd and slurpd DaemonsStandard Distribution Tools Idle Timeout Delay RebindIdle Rebinding Options Searching the Ldap Server 256 257 Using Ldif Files Additional Information About Ldap Configuring NetInfoManaging NetInfo Open Directory Password Server Managing Open Directory PasswordsViewing or Changing Password Policies Enabling or Disabling Authentication Methods Backing Up the Kerberos Database Kerberos and Apple Single Sign-OnTo dump the KDC’s database To load KDC data from a dumped file Principal Management To add a service principalTo add a principal To delete a principal Operating on Directory Service Directory Domains Using Directory Service ToolsUsing kadmin to kerberize a service To kerberize a service from a terminal running on that host Manipulating a Single Named Group Record Finding Network Information Configuring the Active Directory Plug-In Adding or Removing Ldap Server ConfigurationsTo add an Ldap server To remove an Ldap server 266 Understanding QuickTime Streaming Server Performing Qtss Service Tasks Checking Qtss Service Status Starting and Stopping the Qtss ServiceViewing Qtss Settings Changing Qtss Settings Descriptions of Settings Qtss SettingsDefault = qtaccess Look in the sample file for Default = admin Default = digest Managing Qtss Default = qtssListing Current Connections Logs on Connections Viewing Qtss Service StatisticsFor connections v1, this is integer average number Forcing Qtss to Reread its Preferences Send a HUP signal to this processTo force Qtss to reread its preferences List the Qtss processes Resetting the Streaming Server Admin User Name and Password Configuring Streaming SecurityTo set up Sites/Streaming/ in older home folders To reset the user name and password Creating an Access File Controlling Access to Streamed Media Quotation marks Between terms, make sure you enclose the entire messagePath and filename of the user file Qtusers Adding User Accounts and Passwords Accessing Protected MediaAdding or Deleting Groups Making Changes to the User or Group File Creating Reference Movies Manipulating QuickTime and MP4 MoviesCreate QuickTime Atom ref movie with extension .qtl Create XML text ref movie with extension .qtl 280 Configuring Your System Logging Configuring the Log File Local Logging To enable remote logging on a client computer Configuring Remote Logging on a Client ComputerConfiguring Remote Logging on a Server Remote Logging Open /etc/rc and locate the following line Or match a single host like this PCI RAID Card Command Reference 286 287 288 Computer account See computer list Glossary Directory node See directory domain Full name See long name 292 293 294 Relay point See open relay Search path See search policy 297 298 Securing Chgrp tool ACL access control list Access136 Example Stopping service Naming 41 Restoring images Logs Lpr Backup Cyrus Mail files Error messages command not found Executing commands Dynamic Host Configuration Protocol. See DhcpImage Booting from 176 updating Disk journaling Backing up Principal management 262 tools and utilities Kerberosautoconfig tool 261 keychain QuickTime Streaming Server. See Qtss 302 AFP DNS Used by ldapsearch 255 scheduling tasks Time, viewing or changing 57 Stopping service 239 Terminating commandsViewing service logs Tools for remote configuration