Next, the wizard prompts for which local logs should be consolidated:
Log files that reside on this system can be consolidated.
Would you like to consolidate this system's syslogs? (y/n) [y]:
Answering yes places this log consolidation system’s own local syslog data in the consolidated log along with the client system's syslog data. To preserve the priority and facility of syslog entries, UDP local loopback is used, and syslog is configured to also forward entries to its local UDP port 514.
Summary of Log Consolidation Configuration:
You have chosen to configure hostname as a Log Consolidation Server.
Logs will be forwarded from the remote consolidation clients to local port 1776 using the TCP protocol.
The consolidated logs will be stored under directory: /clog
The following logs from the local system will be consolidated:
Syslog
If these choices are correct, continue:
Do you want to continue? (y/n) [y]: y
The wizard displays its progress by describing which files are being modified and warns that Ctrl/C is disabled until configuration is done. For a complete description of the modified files, refer to “Manually Configuring Log Consolidation” (page 56).
Copying files that will be modified by the wizard to /var/opt/dsau/root_tmp/clog. These files will be used to restore the system to its current log consolidation configuration, in the event of a failure.
Configuring hostname as a log consolidation server.
Creating
Creating a symbolic link
Updating the syslog configuration:
Updating the /etc/rc.config.d/syslogd file to add
Updating the /etc/syslog.conf file for UDP local loopback.
Starting syslogd for the configuration changes to take effect.
Registering the log consolidation ports in the /etc/services file.
48 Consolidated Logging