Find it

Tuesday, July 14, 2009

Forwarding AIX Error Messages to a Central Host

System administrators should check AIX's error log daily to look for problems that might cause an outage. The command to check the error log is "errpt" or "smit errpt".

Checking the error logs can be time consuming if you support large number of hosts. Here's a procedure to automatically send error log entries to a central host. The procedure involves creating an ODM entry that immediately runs the "logger" command when any error is logged. The "logger" command sends the error message to the local syslog demon , which forwards it to a central host.

On each AIX host that you want to monitor the error log:

1. Create an ODM entry to run the "logger" command whenever an error is logged.

# vi /tmp/syslog.add
errnotify:
en_name="syslog1"
en_persistenceflg = 1
en_method = "logger -pnotice Msg from Error Log: $(errpt -a -l $1 grep -v'ERROR_ID TIMESTAMP')"

2. Add the entry to ODM

# odmadd /tmp/syslog.add

3. Add a syslog entry to forward "notice" priority messages to remote host "centhost"

# vi /etc/syslog.conf
*.notice @centhost

4. Refresh the syslog demon to pick up the new entry
# refresh -s syslogd


On the central host "centhost" where you want to collect error logs:

1. Add a line to the syslog.conf file that saves the messages to a file

# vi /etc/syslog.conf
*.notice /var/central_syslog.txt

2. Create an empty log file (file must exist for syslog to use it).

# touch /var/central_syslog.txt

3. Refresh the syslog demon to pick up the new entry

# refresh -s syslogd

There are multiple variations on forwarding error messages. For example, you can email error notifications. To do so, skip the syslog steps, and change the en_method in the errnotify stanza to

en_method = "errpt -a -l $1 mail -s 'Error Log' nilesh_rjoshi@xxxx.com"


No comments:

Post a Comment