CA Directory centralized logging

book

Article ID: 208528

calendar_today

Updated On:

Products

CA Directory DIRECTORY

Issue/Introduction

It may be desirable to keep CA Directory logs for a long while, but there is a risk that the logs consume all available disk space on a machine where DSAs are running.
Therefore from time to time it is necessary to move older logs to some dedicated machine with a large storage.

In case CA Directory is installed on Linux, it is possible to configure rsyslog to send CA Directory log messages to a remote host.

Environment

CA Directory 12.x, 14.x on Linux

Resolution

Prerequisites:

 

On CA Directory machine:

  • Add the following to the end of the /etc/rsyslog.conf file:
module(load="imfile" mode="inotify" PollingInterval="10")
input(type="imfile" addMetadata="on" File="/opt/CA/Directory/dxserver/logs/democorp_warn*" Tag="democorp-warn" Facility="local5")
input(type="imfile" addMetadata="on" File="/opt/CA/Directory/dxserver/logs/democorp_alarm*" Tag="democorp-alarm" Facility="local5")
local5.* @<remote rsyslog server>:514

The above configuration sends democorp DSA alarm and warn messages to a remote machine

  • Restart rsyslogd:
systemctl restart rsyslog.service

On the remote rsyslog server:

  • Add the following to the end of the /etc/rsyslog.conf file:
$template File,"/var/log/%HOSTNAME%/%PROGRAMNAME%.log"
*.* -?File
  • Restart rsyslogd:
systemctl restart rsyslog.service

As a result of the the above configuration democorp-alarm.log and democorp-warn.log files will be created under /var/log/<DSA host>/ folder
Roll-over of warn log is detected by rsyslog, and it switches to a newly created warn log after roll-over.