Veritas NetBackup™ Logging Reference Guide

Last Published:
Product(s): NetBackup (8.0)
  1. Using logs
    1.  
      About logs
    2.  
      About UNIX system logs
    3.  
      About log retention in NetBackup
    4.  
      About limiting the size of unified and legacy logs
    5. About unified logging
      1.  
        Gathering unified logs for NetBackup
      2.  
        Types of unified logging messages
      3.  
        File name format for unified logging
      4.  
        Originator IDs for the entities that use unified logging
      5.  
        About changing the location of unified log files
      6.  
        About rolling over unified log files
      7.  
        About recycling unified log files
      8.  
        About using the vxlogview command to view unified logs
      9.  
        About query strings used with the vxlogview command
      10.  
        Examples of using vxlogview to view unified logs
      11.  
        Examples of using vxlogmgr to manage unified logs
      12.  
        Examples of using vxlogcfg to configure unified logs
    6. About legacy logging
      1.  
        UNIX client processes that use legacy logging
      2.  
        PC client processes that use legacy logging
      3.  
        File name format for legacy logging
      4.  
        Directory names for legacy debug logs for servers
      5.  
        Directory names for legacy debug logs for media and device management
      6.  
        How to control the amount of information written to legacy logging files
      7.  
        About limiting the size and the retention of legacy logs
      8.  
        Configuring the legacy log rotation
    7. About global logging levels
      1.  
        Changing the logging level
      2.  
        Changing the logging level on Windows clients
      3.  
        Setting Media Manager debug logging to a higher level
    8.  
      Setting retention limits for logs on clients
    9.  
      Logging options with the Windows Event Viewer
    10. Troubleshooting error messages in the NetBackup Administration Console
      1.  
        About extra disk space required for logs and temporary files
      2.  
        Enabling detailed debug logging
  2. Backup process and logging
    1.  
      Backup process
    2. NetBackup process descriptions
      1.  
        Backup and restore startup process
      2.  
        Backup and archive processes
      3.  
        Backups and archives - UNIX clients
      4.  
        Multiplexed backup process
    3.  
      About backup logging
    4.  
      Sending backup logs to Veritas Technical Support
  3. Media and device processes and logging
    1.  
      Media and device management startup process
    2.  
      Media and device management process
    3.  
      Shared Storage Option management process
    4.  
      Barcode operations
    5.  
      Media and device management components
  4. Restore process and logging
    1.  
      Restore process
    2.  
      UNIX client restore
    3.  
      Windows client restore
    4.  
      About restore logging
    5.  
      Sending restore logs to Veritas Technical Support
  5. Advanced Backup and Restore Features
    1.  
      SAN Client Fiber Transport backup
    2.  
      SAN Client Fiber Transport restore
    3.  
      Hot catalog backup
    4.  
      Hot catalog restore
    5. Synthetic backups
      1.  
        Creating legacy log directories to accompany problem reports for synthetic backup
      2.  
        Logs to accompany problem reports for synthetic backups
  6. Storage logging
    1.  
      NDMP backup logging
    2.  
      NDMP restore logging
  7. NetBackup Deduplication logging
    1.  
      Deduplication backup process to the Media Server Deduplication Pool (MSDP)
    2.  
      Client deduplication logging
    3.  
      Deduplication configuration logs
    4.  
      Media server deduplication/pdplugin logging
    5.  
      Disk monitoring logging
    6.  
      Logging keywords
  8. OpenStorage Technology (OST) logging
    1.  
      OpenStorage Technology (OST) backup logging
    2.  
      OpenStorage Technology (OST) configuration and management
  9. Snapshot technologies
    1.  
      Snapshot Client backup
    2.  
      VMware backup
    3.  
      Snapshot backup and Windows open file backups
  10. Locating logs
    1.  
      acsssi logging
    2.  
      bpbackup logging
    3.  
      bpbkar logging
    4.  
      bpbrm logging
    5.  
      bpcd logging
    6.  
      bpcompatd logging
    7.  
      bpdbm logging
    8.  
      bpjobd logging
    9.  
      bprd logging
    10.  
      bprestore logging
    11.  
      bptm logging
    12.  
      daemon logging
    13.  
      ltid logging
    14.  
      nbemm logging
    15.  
      nbjm logging
    16.  
      nbpem logging
    17.  
      nbproxy logging
    18.  
      nbrb logging
    19.  
      NetBackup web services logging
    20.  
      NetBackup web server certificate logging
    21.  
      PBX logging
    22.  
      reqlib logging
    23.  
      robots logging
    24.  
      tar logging
    25.  
      txxd and txxcd logging
    26.  
      vnetd logging
  11. Java-based administration console logging
    1.  
      About the Java-based administration console logging
    2.  
      Java-based administration console logging process flow
    3.  
      Setting up a secure channel between the Java-based administration console and bpjava-*
    4.  
      Setting up a secure channel between the Java-based administration console and either nbsl or nbvault
    5.  
      Java-based administration console logging configuration on NetBackup servers and clients
    6.  
      Java-based remote administration console logging on a Windows computer where NetBackup is not installed
    7.  
      Configuring and gathering logs when troubleshooting Java GUI issues
    8.  
      Undo logging

Setting up a secure channel between the Java-based administration console and bpjava-*

The following steps describe the process flow to set up a secure channel between the Java-based administration console and bpjava-*:

Note:

The following processes are used: bpjava-msvc, which controls the login and authentication; bpjava-susvc, which is the administrator console process; and bpjava-usvc, which is the client Backup, Archive, and Restore (BAR) interface.

  1. The user initiates a login to the console. The credentials are sent to bpjava-msvc over the SSL (using the Server Security Certificate).

  2. The bpjava-msvc process authenticates the user who is using the user credentials that were received in step 1.

  3. After the user is authenticated, the bpjava-msvc process performs the following:

    • Generates entities called self-signed session certificate, key, and session token.

    • Launches the daemon bpjava-*usvc to gather more requests from the NetBackup Java-based administration console.

    • Passes the self-signed session certificate and the session token to bpjava-*usvc.

      Note:

      The bpjava-*usvc process uses a session certificate as a Server Security Certificate for the SSL channel. It uses the session token to authenticate the Java-based administration console. The console does not use credentials while it connects to the bpjava-*usvc process. The Java-based administration console uses the session token for authentication.

    • Sends the session token and the fingerprint of the session certificate to the Java-based administration console.

    • Persists session token and user information to a secure directory (install_path/var; for example, usr/openv/var) in a file on the NetBackup host. This directory is accessible only to the root/administrator. The file name format is as follows:

      hash(session token)_bpjava-*usvc_pid

      Note:

      msvc saves this information so it can be used by nbsl or nbvault to authenticate the Java-based administration console.

    • The msvc process stops the execution and exits.

  4. bpjava-*usvc uses the session certificate to start the secure channel with the Java-based administration console. This is a one-way authenticated SSL channel. (Only the server certificate is present and there is no peer certificate. There is no certificate from the Java-based administration console side.)

  5. The Java-based administration console receives the session certificate as a part of the initial SSL handshake. It verifies the authenticity of the session certificate by using the pre-existing fingerprint of the session certificate (see step 3). The Java-based administration console calculates the fingerprint of the session certificate that was received from bpjava-*usvc due to the SSL handshake. It compares the new fingerprint with the fingerprint sent by msvc.

  6. Once the authenticity of the certificate is verified, the Java-based administration console sends the session token (received in step 3) to bpjava-*usvc.

  7. bpjava-*usvc verifies the received session token with the pre-existing one (see step 3).

  8. The success of the session token validation creates trust between bpjava-*usvc and the Java-based administration console.

  9. All further communication occurs between bpjava-*usvc and the Java-based administration console on this trusted secure channel.