S-TAP agents are
installed in a partition with root privileges; by default they are installed into the
/root partition based directories. For customers with limited root file systems
size, follow these best practice recommendations to prevent the S-TAP agent from
generating logs or dumps on the /root partition.
Procedure
-
Redirect the S-TAP debug log to a
partition whose size is larger than /root. By default the S-TAP log writes to
the /tmp directory. Change the write directory using one of the
following:
- Use the GuardAPI command update_stap_config. This example redirects the logs
to /var: xxx.xxx.xxx.xxx.com> grdapi update_stap_config stapHost=xxxx
updateValue=TAP.tap_log_dir:/var
- In the guard_tap.ini file, change the parameter
tap_log_dir value to the new target directory. For example,
tap_log_dir=/var. Restart the S-TAP.
- Redirect the core dumps to a partition outside of /root that is
larger in size. (By default the cores are generated in the <guard install dir>.) On Linux
systems:
- Open the file /etc/abrt/abrt.conf
- Set DumpLocation = <desired location>
- Restart the service with: restart abrt.service
- Rotate the log files using one of the following options:
- Use the guard_monitor tool that is part of Guardium S-TAP agent to
redirect and rotate Guardium logs. See:Linux-UNIX: S-TAP Monitor (guard_monitor). Specifically,
use these parameters:
; maximum file size of monitor log file (KB)
monitor_log_rotate_size=1024
; number of rotated monitor logs to keep
monitor_log_rotate_num_kept=5
; maximum file size of log files (KB)
log_rotate_size=4096
; number of rotated logs to keep
log_rotate_num_kept=5
; logs to rotate
logs_to_rotate=/tmp/guard_stap.stderr.txt,/tmp/guard_stap.stdout.txt,/usr/local/guardium/guard_stap/ktap/ktap_install.log,/usr/local/guardium/guard_stap/guard_discovery.stderr.log
Note:
Set
logs_to_rotate to include any redirected log files as described in
1. For example, if you redirected logs to
/var, then
logs_to_rotate would be:
logs_to_rotate=/var/guard_stap.stderr.txt,/var/guard_stap.stdout.txt,/usr/local/guardium/guard_stap/ktap/ktap_install.log
On some OS other log files may get used and can therefore be included for rotation. For example:
logs_to_rotate=/tmp/guard_stap.stderr.txt,/tmp/guard_stap.stdout.txt,/var/log/ktap_install.log,/opt/guardium/guard_stap/guard_discovery.stderr.log,/var/log/ktap.log,/var/guard_stap.stderr.txt,/var/guard_stap.stdout.txt,/usr/local/guardium/guard_stap/ktap/ktap_install.log,/usr/local/guardium/guard_stap/guard_discovery.stderr.log,/var/tmp/ktap-trace.txt
- Use the Unix native Log rotation logrotate or any comparable software, to manage logs on
the DB server.