Filter
Top Products
Troubleshooting
Troubleshooting Kerberos
Chapter 11 295
UNIX Syslog File
The security server daemons, kadmind, kpropd, and kdcd, write error
messages to the system log (/var/adm/syslog/syslog.log) file. You can
also configure the daemons to log the messages in a different file. Use the
following command while starting the daemon, to specify a different file
name:
# kdcd -l <log file name>
or
# kadmind -l <log file name>
However, principal database operations performed locally on the primary
security server using the HP Kerberos Administrator are not recorded
because these programs do not use syslog to audit their activities.
The syslog daemon (syslogd) is configured using the /etc/syslog.conf
file, which controls where your log files are located. For example, you can
configure syslog to send messages to /usr/adm/messages.
The security server daemons log an entry for each transaction and
whether the transaction succeeded or failed. The number of transactions
that are logged in your syslog file is determined by how you have
configured the reporting levels.
The security server uses the following syslog reporting levels:
• LOG_ERR – Displays security server errors.
• LOG_WARNING – Displays security server warnings.
• LOG_NOTICE – Displays secured application server errors.
The server logs information messages through syslog. The syslog file
can grow large if not maintained properly. The syslog file is specified in
/etc/syslog.conf, which has a symbolic link to the
/var/adm/messages directory.
Check the size of this file to make sure it does not use an overwhelming
amount of system disk space. If the /var partition grows to 100 percent
utilization, syslog stops writing log messages and may even shut down
active processes, such as the daemons.
Create a shell script to be executed daily or weekly by cron to check the
syslog file size, partition utilization, or both, and to detect any problems.
In addition, you must archive the syslog files regularly to a separate
partition, drive, or server.