SP error logging utilizes the BSD syslog facility for recording error events.
To access the Syslog SMIT menu, enter:
smit spsyslog
The syslogd daemon, which logs the errors, is configured with a file designating filters for the incoming messages to determine their destination. The default configuration file is /etc/syslog.conf. BSD syslog errors are classified by the facility that is issuing the error, and by the error's priority value. Refer to syslogd in the IBM AIX Commands Reference for a list of facility and priority values. Entries in the configuration file determine the destination for each error message based on these values. Destinations can be a file, user ID, or the syslogd daemon on another machine. We suggest that error messages be logged locally rather than forwarded to a remote syslogd because of the increased network traffic. File collections can be used to maintain consistent configuration of the syslog facility.
The format of a syslog log file is:
MMM DD HH:MM:SS node_name resource[pid]: msg
Where:
Errors logged by SP components will contain in the message section the following additional information pertaining to the logging resource:
The fastpath invocation for the Generate a Syslog Report menu is:
smit spsyslrpt
To report to the local node all records logged by ftp for all syslog log files on nodes in the current system partition, enter:
psyslrpt -a -r ftp
To report all records that logged to files selected for the daemon and user facilities starting on March 3 and to report the records to the local node from nodes host1 and host2, enter:
psyslrpt -w host1,host2 -f user,daemon -s 03030000
For complete details on the psyslrpt command, refer to the PSSP: Command and Technical Reference.
The size of syslog log files is not configurable and will continue to grow until manually trimmed.
The fastpath invocation for the Trim Syslog Log Files menu is:
smit spsyslclr
|To trim all entries older than 30 days from all syslog log files |specified in the syslog configuration file /etc/syslog.conf, |on all nodes in the local system partition, enter:
|psyslclr -a -y 30
|To trim all records older than 30 days from any log file, for instance the |/var/adm/SPlogs/SPdaemon.log file on the local node, use the |-l option such as:
|psyslclr -y 30 -l /var/adm/SPlogs/SPdaemon.log
|To trim all records from all log files specified in an alternate syslog |configuration file, for instance one named |/u/local/syslog.conf, use the -g option such |as:
|psyslclr -g /u/local/syslog.conf -y 0
The psyslclr command can be added as a crontab entry for performing scheduled syslog trimming. On the control workstation, the psyslclr command is used to trim daemon facility messages older than six days. This is done in the /usr/lpp/ssp/bin/cleanup.logs.ws script that is run from the crontabs file on the control workstation. (See Chapter 13, Maintaining the crontabs file for more information.)