Veritas NetBackup™ Logging Reference Guide
- Using logs
- About unified logging
- About legacy logging
- About global logging levels
- Troubleshooting error messages in the NetBackup Administration Console
- Backup process and logging
- Media and device processes and logging
- Restore process and logging
- Advanced Backup and Restore Features
- Storage logging
- NetBackup Deduplication logging
- OpenStorage Technology (OST) logging
- Storage lifecycle policy (SLP) and Auto Image Replication (A.I.R.) logging
- NetBackup secure communication logging
- NetBackup proxy helper logging
- NetBackup proxy tunnel logging
- Snapshot technologies
- Locating logs
- Java-based administration console logging
About NetBackup secure communication logging
This section provides information about the logs that are used for secure communication logging with the NetBackup hosts. The NetBackup 8.1 and later hosts will securely communicate with each other for all control-type functions. The control-type functions include command execution and the starting of various processes that are required to initiate a backup or restore. Currently, this does not include the bpbkar
or tar
data transfer. The NetBackup 8.1 and later hosts must have a Certificate Authority (CA) certificate and a host ID-based certificate for successful communication. NetBackup uses the Transport Layer Security (TLS) protocol for host communication where each host needs to present its security certificate and validate the peer host's certificate against the Certificate Authority (CA) certificate.
In NetBackup 8.0 and later versions, the master server acts as the CA. The master server depends on the correct installation and configuration of services, such as pbx, nbatd and nbwmc, to deploy the certificates.
In NetBackup 8.1, all of the media and client servers have certificates deployed to them when they are upgraded. If the certificate deployment fails, the media or client server cannot run the backups or restores. Backups and restores will not function if the host did not successfully retrieve both the CA certificate and host ID-based certificate from the master server during the installation or upgrade to NetBackup version 8.1 or later. If the master server pbx, nbatd, or nbwmc
processes are not running, the certificate deployment will not function. In NetBackup 8.1 and later, the backups or restores also will not function.
When you diagnose issues with secure communication and the certificate generation and deployment, the services or processes that run on the master server are typically involved. After verifying that the services are running and are at the expected NetBackup version, the log files described in this section are critical to help determine the issue.
For more details about NetBackup secure communications, see the Read This First for Secure Communications document at the following URL:
https://www.veritas.com/docs/DOC5332
Note:
If you have NetBackup 8.0 or earlier hosts in your environment, you can enable insecure communication by navigating to the NetBackup Administration Console, then to the tab. On this tab, select the option.