2 KiB
AIX errlogger to remote syslog
Instructions for how to forward errlogger messages from IBM AIX and IBM Power Systems VIO Servers to a remote logging solution.
More information about the AIX errlogger is available on the IBM knowledge center.
On each AIX / VIO Server
Prepare the local syslog service
Configure the local syslog service to forward messages to our remote syslogd service.
Create an empty local log file:
touch /var/log/error.log
Add the following to the /etc/syslog.conf file:
# Remote logging to remote host on port 514/UDP (AIX does not support non-default port number)
*.warn @10.32.64.1
# Also log to a local file, rotated daily and kept for 7 days
*.warn /var/log/error.log rotate time 1d files 7
# Optionally log authentication messages to remote host
#auth.info,authpriv.info @10.32.64.1
We use 10.32.64.1 as our remote syslog server in the above example.
Restart the syslogd service:
refresh -s syslogd
Forward errlogger to the local syslog
We configure the AIX error logger to forward messages to the local syslog service.
Create an odm errnotify logging template file:
cat << EOF >/tmp/err.tpl
errnotify:
en_name = "syslog1"
en_persistenceflg = 1
en_method = "/usr/bin/logger -plocal0.err [errnotify] seq: \$1 - \$(/usr/bin/errpt -l \$1 | tail -1)"
EOF
Add the template:
odmadd /tmp/err.tpl
Verify messages show up in the local syslog /var/log/error.log file:
odmget -q"en_name='syslog1'" errnotify
errlogger system Test
Notes
If you need to delete the errnotify again:
odmdelete -o errnotify -q"en_name=syslog1"
To lookup err message details by a seq. no, run:
errpt -a -l [seq-no]
Or from the padmin shell:
errlog -ls -seq [seq-no]