Configuring remote monitoring that uses the predefined configuration files

Before you can remotely monitor log files, you must modify the IBM® Tivoli® Monitoring Log File Agent (LFA) configuration files.

About this task

This procedure describes how to use the predefined files that are delivered with IBM Operations Analytics. The files are in the <HOME>/IBM/LogAnalysis/IBM-LFA-6.30/config/lo directory. This directory includes configuration and format files for WebSphere® Application Server, DB2®, and the Generic Annotator Pack.

To enable remote monitoring, you edit the relevant LFA configuration files for your custom Insight® Pack. These files use either the .fmt or .conf file formats.

The following files are installed for the Generic Annotator Pack. For example, if you did use these files in a custom Insight Pack, you must edit one or both of these files to enable remote monitoring:
  • GAInsightPack-lfageneric.conf
  • GAInsightPack-lfageneric.fmt

Procedure

  1. Open the configuration file that you want to use for remote monitoring.
  2. Define the following settings that are required for remote monitoring:
    DataSources
    Specify the data source that you want to monitor. If you are specifying multiple data sources, they must be comma-separated and without spaces. When you configure a remote directory in the LFA conf file, the directory you specify must not contain any subdirectories.
    SshAuthType

    You must set this value to either PASSWORD or PUBLICKEY.

    If you set this value to PASSWORD, IBM Operations Analytics Log Analysis uses the value that is entered for SshPassword as the password for Secure Shell (SSH) authentication with all remote systems.

    If you set this value to PUBLICKEY, IBM Operations Analytics Log Analysis uses the value that is entered for SshPassword as pass phrase that controls access to the private key file.

    SshHostList

    You use the SshHostList value to specify the hosts where the remotely monitored log files are generated. IBM Operations Analytics Log Analysis monitors all the log files that are specified in the LogSources or RegexLogSources statements in each remote system.

    If you specify the local machine as a value for this parameter, the LFA monitors the files directly on the local system. If you specify that the localhost SSH is not used to access the files on the system, IBM Operations Analytics Log Analysis reads the files directly.

    SshPassword

    If the value of the SshAuthType parameter is PASSWORD, enter the account password for the user that is specified in the SshUserid parameter as the value for the SshPassword parameter.

    If the value of the SshAuthType parameter is PUBLICKEY, enter the pass phrase that decrypts the private key that is specified in the SshPrivKeyfile parameter.

    SshPort

    You specify the TCP port that is used for SSH connections. If you do not enter anything, this value is defaulted to 22.

    SshPrivKeyfile

    If the value of the SshAuthType parameter is set to PUBLICKEY, enter the directory path to the file that contains the private key of the user that is specified in the SshUserid parameter as the value for this parameter.

    If the value of the SshAuthType parameter is not set to PUBLICKEY, this value is not required.

    SshPubKeyfile

    If the value of the SshAuthType parameter is set to PUBLICKEY, enter the directory path to the file that contains the public key of the user that is specified in the SshUserid parameter as the value for this parameter.

    If the value of the SshAuthType parameter is not set to PUBLICKEY, this value is not required.

    SshUserid

    Enter the user name from the remote system that the agent uses for SSH authentication.

  3. Save your changes.

Example

For example:
===============
SshHostList=host1,host2,host3
SshUserid=loguser
SshAuthType=PASSWORD
SshPassword=<password>

=====================
SshHostList=host1,host2,host3
SshUserid=loguser
SshAuthType=PUBLICKEY
SshPrivKeyfile = <SshUserid_Private_Key_File_Path>
(Or)
SshPubKeyfile = <SshUserid_Private_Key_File_Path>

======================
where <password> is the password that you want to use.
<SshUserid_Private_Key_File_Path> is the full path for the file that contains the private key of the user that is specified in the SshUserid user. For example, if you save the password to a file called password.txt in the <HOME>/utilities directory, the full path is as follows:
SshPrivKeyfile = <HOME>/utilities/password.txt