NSRLOGD(8)
NSRLOGD(8)
NAME
Nsrlogd - daemon providing the NetWorker auditlog service.
SYNOPSIS
nsrlogd
DESCRIPTION
The nsrlogd daemon is a logging service that logs the NetWorker Secu-
rity Audit Messages. These audit messages are logged into the security
audit file and are viewable only by a user who has a Security Adminis-
trator role.
The logging service is configured by the NSR auditlog RAP resource. The
NSR auditlog resource is created by default and cannot be deleted.
Only users with the Security Administrator role can change the
resource. The service can be disabled by setting the logging server
hostname to an empty value.
The nsrlogd service starts by default and can be configured to run on
any NetWorker client.
There can be only one logging service running per NetWorker data zone.
However, one client may be part of multiple NetWorker data zones, and
such a client may be the log server for each of those data zones. In
this configuration, only one nsrlogd daemon will run on the logging
server and it will provide logging service for all configured clients
in the data zones. The nsrlogd service is always spawned by nsrexecd
daemon, depending on the client configured in NSR auditlog RAP resource
in NetWorker server.
ATTRIBUTES
The nsrlogd daemon is configured using NSR auditlog RAP resource. The
information in parentheses describes how the attribute values are
accessed. Read-only indicates that the value cannot be changed by an
administrator. Read/write means the value can be set and read. Choice
list means that any number of values can be chosen from the given list.
Static attributes change values rarely.
name (read-only, static)
This attribute specifies the name of security audit file. The
name of the security audit file cannot be modified and by
default it has the following format:
<Net-Worker_server_name>_sec_audit.raw
administrator (read/write, static)
This attribute specifies the list of user/administrator allowed
to administer this NSR auditlog resource.
auditlog hostname (read/write, static)
This attribute specifies the logging server host name. The
auditlog host must be a client of NetWorker server. If empty
value is entered for the auditlog hostname, then auditlog ser-
vice is disabled.
auditlog filepath (read/write, static)
The path where the security audit raw file is to be placed. If
the path does not exist, it will be created. The rendered secu-
rity audit log file, if enabled, is also placed in the same
directory.
auditlog severity (choice, read/write, static)
This attribute specifies the filter for severity of the messages
that are logged. The choices are: debug, information, notice,
warning, intervation, error, sever, critical, alert, and emer-
gency. By default the severity is set to error.
Example:
If the auditlog severity is set to critical, then only messages
that has severity critical and above are logged into security
auditlog file.
auditlog rendered service (choice, read/write, static)
Service used for logging the rendered messages. Messages are
rendered to the locale specified by the option auditlog rendered
locale. By default, messages are rendered in English. The
choices are:
none: Messages are not rendered.
local: Messages are rendered to a log file. The rendered log
file takes the form <NetWorker_server_name>_sec_audit.log.
syslog: Messages are rendered and sent to the syslog service.
This option is only valid on logging servers running a Unix-
based operating system.
eventlog: Messages are rendered and sent to the Windows Event
Log service. This option is only valid on logging servers run-
ning a Microsoft Windows operationg system.
auditlog rendered locale (read/write, static)
Locale is used for rendering messages. The value for this option
is applicable only when the auditlog rendered service is set to
local/syslog/eventlog. This value must match a NetWorker-sup-
ported locale installed on the logging server. If the locale is
not supported then the messages are rendered in English.
auditlog maximum file size MB (read/write, static)
The maximum size of the log file is specified in MB. When the
file size reaches -5% to +5% of the maximum file size specified,
the log file is rolled over. Default value is set to 2.
auditlog maximum file version (read/write, static)
The number of versions of the log files to keep during rollover
before they are deleted. A value of zero specifies all versions
are retained. Default value is set to 0.
auditlog server parallelism (read/write)
This attribute is used to optimize performance on NetWorker
server. The default value is set to 10. This value specified is
used to calculate the number of threads used by the NetWorker
server to mirror auditlog resource to all the clients. The num-
ber of threads is calculated by the ratio of number of clients
in a datazone to this value.
Example:
If the total number of clients in the datazone is 100, and the
auditlog server parallelism is set to 5. Then the number
threads used by the NetWorker server to mirror auditlog resource
to all the clients is 100 / 5 = 20.
SEE ALSO
nsr(5), nsr(8), nsrexecd(8), nsr_render_log(8)
NetWorker 8.0.1 Dec 02, 12 NSRLOGD(8)