Veritas NetBackup™ Flex Scale Best Practices and Troubleshooting Guide
- Introduction
- Configuration requirements
- Best practices
- NetBackup Flex Scale tuning and sizing
- Troubleshooting NetBackup Flex Scale
- Collecting logs for cluster nodes
- Forwarding logs to an external server
- Troubleshooting NetBackup Flex Scale issues
Configuring log forwarding
You can forward the appliance system logs (syslogs) to an external log management server. Your log management server must support the Rsyslog client.
Alerts are generated if the settings on the cluster nodes are inconsistent or if one of the cluster nodes is down and unable to forward the logs to the log server. When you add a node to the cluster, the log forwarding settings are synced to the newly added node.
To configure log forwarding:
- Use any one of the following options to sign in:
Use a user account with both Appliance Administrator and NetBackup Administrator role, or a user account with only an Appliance administrator role to log in to the NetBackup Flex Scale web interface
https://ManagementServerIPorFQDN/webui
where ManagementServerIPorFQDN is the public IP address, the FQDN, or the short host name that you specified for the management server during the cluster configuration, and then in the left pane do one of the following:Click Cluster Management > Cluster settings > Security management > Log forwarding
Click Cluster Management > Cluster dashboard > Security Meter > View details > Auditing and alerting > Log forwarding
Use a user account with an Appliance Administrator role to log in to the NetBackup Flex Scale infrastructure management console
https://ManagementServerIPorFQDN:14161
where ManagementServerIPorFQDN is the public IP address, the FQDN, or the short host name that you specified for the management server and do one of the following:Click Dashboard > Security Meter > View details > Auditing and alerting > Log forwarding
Click Settings > Security management > Log forwarding
- Click Configure.
- Enter the following details:
Field
Description
Server FQDN or IP address
FQDN or the IP address of the external log management server.
Server port
Port number of the external log management server. Default port is 514. You can specify a different port if the cluster nodes are configured to communicate with the log server using that port.
Protocol
Select either UDP or TCP. TCP is the default protocol. With TCP protocol, you can optionally enable TLS log transmission.
Note:
Enabling TLS requires that you upload certificates obtained from CA authority and a private key to the appliance.
Log polling interval
Set the interval in minutes for forwarding the syslogs to the external log server. The options are 15, 30, 45, 60, Continuous. If you select Continuous, the appliance continuously forwards logs to the log server.
Device vendor
Unique name for the external log server.
Enable TLS log transmission
If you want to secure the transmission of logs from the appliance to the log server, select Enable TLS log transmission and upload the required certificate files. Veritas recommends that you enable TLS for security purposes.
This option provides end-to-end security of data sent over the network from the appliance to the log server. You need a CA certificate and the client private key to configure TLS log transmission.
This option is available only if you select the TCP protocol.
If you enable secure log transmission, upload CA certificate (X.509 certificate for the certificate authority in PEM format), client certificate (X.509 certificate for the appliance to communicate with the log management server, in PEM format), and client certificate key (RSA key of the client certificate) onto your log server and then upload the certificates to the appliance.
Modules
Types of logs that are forwarded to the log server. Only the OS logs are forwarded and the syslog option is selected by default.
- Click Enable.
A notification about the task is displayed on the top of the page. To monitor the progress, click View details. After the configuration is completed successfully, a notification is displayed on top of the page. The log forwarding status is shown Enabled and the start time for forwarding the logs is displayed.