|
We are tracking logins to our MDS using fw.adtlog
as part of SOX compliance. It also helps us in determining who has logins and is
not using them. I am hopeful CP can include a fix for this soon.
Having said that, there are issues with fwm
logexport on the gateways themselves - fortunately I don't need to export logs
on the gateways, but the problem exists there as well. So I am
noticing:
* MDS cannot run fwm logexport on
fw.adtlog
* gateways cannot run fwm logexport
However, fwm logexport will work within the
environment of any CMA on the MDS. Just can't run it from the MDS's
environment (i.e. run mdsenv with no
arguments)
For the MDS issue, I simply "mdsenv SOME_CMA" then run fwm logexport -i
$MDSDIR/log/fw.adtlog -- and it produces the result I want.
Logexport is critical since it uses semicolon delimiting and can be parsed
easily by scripts, and also can be controlled with logexport.ini.
----- Original Message -----
Sent: Sunday, February 08, 2009 8:31
AM
Subject: Re: [fw1-gurus] fwm logexport -
does it work against MDS in NGX-R65?
I have never seen 'fwm logexport' work in P-1 environment - it
is perhaps have to do it w/ how:
"You cannot run regular management
server in Provider-1 environment
Please try to use 'fwm mds'
instead"
I could verify again your 'fwm logexport -i
$MDSDIR/log/fw.adtlog'
Now, in my lab env, I have my MDS Manager and
Container sitting on separate hosts - I had to scp 'fw.adtlog' from my MDS Mgr
to /var/tmp on my Container - hence the path to /var/tmp:
changed env
'mdsenv cma_name' and ran your command:
'fwm logexport -i
/var/tmp/fw.adtlog -o mdsadtlogexport' which worked fine and gave me nice
ascii conversion:
# fwm logexport -i /var/tmp/fw.adtlog -o
mdsadtlogexport
Starting... There are 166 log records in the file
In
short, 'fwm logexport' needs work from CP to work in 'fwm mds' env. Rob Hughes
is right - you have to open a CP ticket on this ...and I can confirm sk36423
appears some 'internal only' solution and not visible publicly - Rob is a
privileged internal guy:-)!
By the way, the only more relevant logs in
$MDSDIR are 'audit logs' - do you need them exported regularly in ascii? Also,
were you able to run 'fwm logexport' in any earlier version of P1 - as I said,
I had never been able to run it before whenever I tried couple of times
before?
Rajeev
On Sat, Feb 7, 2009 at 10:51 PM, Hal Jackson <hal_jackson@xxxxxxxxxxx>
wrote:
This is on the P-1 server, not the gateways.
The P-1 server was upgraded from NGX-R62 no HFA to NGX-R65.
I did a search on sk36423 and didn't find
anything but I saw some others fixed the issue that way. We usually just
export on the management, not the gateways, and we are only having problems
exporting the MDS's logs (CMA logs work)
Someone in the "community" section of the CP
support site suggests there might be an issue with a file lock, but that
doesn't explain why mdsenv to another CMA allows the command to work -
mdsenv is mainly changing env variables.
-----
Original Message -----
Sent:
Saturday, February 07, 2009 10:35 PM
Subject:
Re: [fw1-gurus] fwm logexport - does it work against MDS in NGX-R65?
Should work. Were the firewalls upgraded? If so, you might
want to open a ticket and mention sk36423.
-----Original Message-----
From: Hal
Jackson [mailto:hal_jackson@xxxxxxxxxxx]
Sent: Saturday,
February 7, 2009 03:22 PM
To: 'FW1 Gurus'
Subject:
[fw1-gurus] fwm logexport - does it work against MDS in
NGX-R65?
|
Using Provider01.
We use fwm logexport to generate
reports.
Can't get it work under NGX-R65, base
version or with any hotfix including up to HFA 40.
Get the message "failed to convert
database".
|
_______________________________________________
fw1-gurus
mailing list
fw1-gurus@xxxxxxxxxxxxxxxxxx
http://lists.phoneboy.com/listinfo.cgi/fw1-gurus-phoneboy.com
|