HP Mini UX System Adstration manual 55

Shell Authentication set up with the consolidator. You can use the tool /opt/dsau/bin/csshsetup to configure non interactive Secure Shell Authentication.

Do you want to configure Secure Shell port forwarding? (y/n) [y]:

Choose yes in order to use ssh port forwarding. This will encrypt all the traffic sent from this local log forwarding client to the log consolidator.

NOTE: A special ssh security configuration is required on the server when a Serviceguard cluster is the log consolidation server. For details, refer to “ssh Port Forwarding” (page 78).

ssh port forwarding requires an additional free TCP port on the local client system:

You need to choose a free port on this cluster for ssh port forwarding. The port chosen should be free on all cluster nodes.

Enter the ssh port to be used for port forwarding []: 1775

The same guidelines for choosing a free syslog-ngTCP port apply to this port. For details, refer to “Configuring a Log Consolidation Standalone Server with clog_wizard” (page 46). In this example, the local port 1775 was used. For a Serviceguard cluster log forwarding client, the cluster’s syslogs and package logs can be forwarded to the log consolidation server. For a standalone system, the wizard asks only about forwarding syslog messages:

Log files that reside on this cluster can be forwarded to the consolidator.

Would you like to forward this cluster's syslogs? (y/n) [y]: Would you like to forward this cluster's package logs? (y/n) [y]:

When forwarding a cluster’s package logs, manual configuration is required on the consolidation server in order to add the syslog-ngfiltering lines to cause these package logs to be consolidated into their own unique files. See “Manually Configuring a Serviceguard Cluster as a Log Forwarding Client” (page 68) for details.

After all the questions have been answered, the clog_wizard displays the following summary screen:

Summary of Log Consolidation Configuration:

You have chosen to configure clustername as a Log Consolidation Client. Logs will be forwarded to the remote consolidation server clog.usa.xyz.com on port 1776 using the TCP protocol.

The TCP protocol will be used together with Secure Shell

Port Forwarding using port 1775, for added security.

The following logs will be forwarded for consolidation:

Syslog

Serviceguard package logs

Do you want to continue? (y/n) [y]:

Confirm your answers with a “yes” response and the wizard summarizes the configuration steps that it performs:

Copying files that will be modified by the wizard to /var/opt/dsau/root_tmp/clog on each cluster node.

These files will be used to restore the cluster to its current log consolidation configuration, in the event of a failure.

Configuring clustername as a log consolidation client.

The configuration will be done on all cluster nodes.

It will take a few minutes....

Creating the /etc/syslog-ng.conf.client configuration file.