Configuration

After installing the probe, you need to make various configuration settings to suit your environment.

The /etc/syslog.conf file needs to be modified to send all messages to either a log file or a named pipe (FIFO). By default, the probe will attempt to read a message from a log file called /var/log/ncolog. Before running the probe, check that this file exists; if it does not, create an empty file with that name.

To set syslog to write to this file, add the following line to the /etc/syslog.conf file:

*.debug	/var/log/ncolog

Note: This line must not be the first line of the /etc/syslog.conf file. If it is, it will activate a bug in syslog, where it attempts a check on the first file in the first entry in the /etc/syslog.conf file, and this will make the syslog system unstable. Also note that some implementations of syslogd are limited to 20 valid entries in the /etc/syslog.conf file.

The line specified will write all syslog messages to the file. It is also possible to configure syslogd to only write particular messages to the file. Refer to the UNIX online manual pages for syslogd.conf for more details.

If you want to configure the probe to read from a named pipe (FIFO) instead of a log file, it will be necessary to create this FIFO before starting the probe. To do this you need to issue a mknod command at the UNIX prompt. For example, if you want the named pipe used by syslogd and the Syslog Probe to be /var/adm/nco you would need to execute the following:

mknod /var/adm/nco p

Refer to the UNIX online manual pages for mknod for further details.

Alternatively, you can create the named pipe using the following command:

mkfifo /var/adm/nco