No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Installation Guide

OceanStor 5000, 5000F, 6000, and 6000F V5 Series V500R007

This document is applicable to OceanStor 5110 V5, 5110F V5, 5300 V5, 5300F V5, 5500 V5, 5500F V5, 5600 V5, 5600F V5, 5800 V5, 5800F V5, 6800 V5, and 6800F V5 storage systems. It describes hardware installation of those storage systems for helping you easily and quickly finish the installation.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Syslog Notification

Configuring Syslog Notification

This operation allows you to view storage system logs on a Syslog server.

Configuration Process

This section introduces how to configure the Syslog notification.

Figure 10-22 shows how to configure the Syslog notification. The Syslog notification supports the UDP, TCP and TCP+SSL/TLS protocols. When alarms are reported using UDP and TCP protocols, certificate verification is not required. When alarms are reported using the TCP+SSL/TLS protocol, the configuring certificate verification mode is used to enhance the security of storage system logs.

Figure 10-22 Configuring the Syslog notification

Generating and Exporting a Certificate on the Storage System

This section describes how to generate and export a certificate required for configuring the Syslog notification on the storage system.

Context
  • The certificate generated on the storage system is not signed and requires to be signed on the signature server.
  • If you use a third-party tool to export certificate request files, save the exported private key file as well. These files, together with the signed certificate and CA certificate, are exported to the storage system when the certificates are verified on the storage system.
Procedure
  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > Value-added Service Settings > Credential Management.
  3. Generate and export a Syslog certificate.

    1. Set Certificate Type to Certificate of Syslog.
    2. Select Certificate Key Algorithm from RSA 2048, RSA 4096, and ECC 256. RSA 2048 is the default value and you can select a desired certificate key algorithm to meet actual service requirements.
    3. Click Generate and Export.

      The Save As dialog box is displayed. Select a path to save the certificate and click Save.

Follow-up Procedure

After the Syslog certificate is exported, sign the signature on it.

Signing the Certificate and Exporting the CA Certificate

After exporting the Syslog certificate, you need to sign the signature to activate it and export the CA certificate.

Export the Syslog certificate and sign the signature based on actual conditions. Export the CA certificate at the same time for follow-up procedures.

Importing the Syslog Certificate and CA Certificate

This chapter introduces how to import the Syslog certificate and CA certificate on the storage system to active the Syslog certificate.

Prerequisite
  • The signed certificate and CA certificate already exist.
  • If the certificate file is exported and signed by a third-party tool, ensure that the private key file exists.
Context

If the certificate file is exported and signed by a third-party tool, import the private key file when you import the activated certificate and CA certificate.

Procedure
  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > Value-added Service Settings > Credential Management.
  3. Import and activate the signed certificate.

    1. After the certificate has been signed by the server, click Import and Activate.

      The Import Certificate dialog box is displayed.

    2. Set the certificate type to Certificate of Syslog and import the signed certificate and CA certificate. Table 10-24 describes related parameters.
      Table 10-24 Add certificate parameters

      Parameter

      Description

      Example Value

      Certificate Type

      Certificate types.

      [Example]

      Certificate of Syslog

      Certificate File

      Certificate file that has been exported and signed.

      [Example]

      None

      CA Certificate File

      Certificate file of a server.

      [Example]

      None

      Private Key File

      Private key file of a device.

      [Example]

      None

    3. Click OK.

      The Warning dialog box is displayed.

    4. Confirm the information in the dialog box and select I have read and understand the consequences associated with performing this operation. Then click OK.

      The Success dialog box is displayed.

    5. Click OK.

      The certificate has been successfully imported and activated.

Configuring Syslog Server Certificate and CA Certificate

Perform configurations on the Syslog server to ensure that the certificate and CA certificate on the Syslog server are valid.

The certificate on the Syslog server can be generated by the third-part devices (such as OpenSSL). The certificate can be signed by the third-party signature server, and the signature server can also export the corresponding CA certificate.

NOTE:

Ensure that the signature server used on the Syslog server is the same as that on the storage system.

Enabling the Syslog Notification Function

This operation enables the Syslog server to receive self-defined alarms and events from devices with specified addresses.

Prerequisite
  • You have logged in to DeviceManager as an administrator that has the permission. The following administrators have the permission:
    • Super administrator
    • Administrator
  • Before configuring a domain name for the server, ensure that the DNS server can communicate normally with the storage array or third-party server.
  • For sending alarms to the Syslog server, a storage system only sends the alarms generated after the Syslog server is configured and does not send alarms generated before the configuration.
  • You are advised to deploy only one Syslog server on a host, otherwise you may not receive Syslog notification due to port conflict.
Procedure
  1. Log in to DeviceManager.
  2. Choose Settings > Alarm Settings > Syslog Notification.
  3. Configure the severity, notification type of alarm and address for receiving Syslog messages.

    1. Select Enable.
    2. Configure parameters of the Syslog notification. Description of these parameters are displayed in Table 10-25.
      Table 10-25 Parameters of the Syslog notification

      Parameter

      Description

      Value

      Port

      Indicates the port number of the Syslog notification. The default value is 514.

      NOTE:

      The port number configured on the storage system must be the same as that configured on the Syslog server.

      [Description]

      The value of the port number ranges from 1 to 65535.

      [Example]

      3

      Protocol

      Indicates channels through which the Syslog notification is sent. Possible values include UDP, TCP, and TCP+SSL/TLS. The default value is UDP.

      NOTE:
      • Ensure that the UDP, TCP, TCP+SSL/TLS protocols have been configured on the Syslog server. Security risks arise if the protocol is UDP or TCP. You are advised to select the TCP+SSL/TLS protocol.
      • The protocol configured in the storage system must be the same as that configured on the Syslog server.

      [Example]

      UDP

      Severity

      Indicates the lowest severity of a Syslog alarm that can be sent. Possible values are informational, warning, major, and critical.

      [Example]

      Warning

      Notification Type

      Possible values are Alarm, Alarm Restore Notification, Call Home Collects Logs, and Event.

      [Example]

      Event

      Send Device Name

      Indicates whether the device name should be sent to the Syslog server.

      NOTE:

      After Send Device Name is enabled, the system sends device names to the Syslog notification server. You can choose Settings > Basic Information > Device Information to view device names.

      [Example]

      If you want to send the device name, select the check box. Otherwise, deselect it.

      Receiver server address

      Server IP address or domain name address

      [Value range]

      • An IPv4 address has the following requirements:
        • The 32-bit address is evenly divided into four fields. Each 8-bit field is expressed in dotted-decimal.
        • Each field of the IP address cannot be blank and must be an integer.
        • The value of the first field ranges from 1 to 223 (excluding 127).
        • The values of other fields range from 0 to 255.
        • The IP address cannot be a special address such as the broadcast address.
      • An IPv6 address has the following requirements:
        • The 128-bit address is evenly divided into eight fields. Each 16-bit field is expressed as four hexadecimal digits. The fields are separated by colons.
        • In each 16-bit field, zeros before integers can be removed. However, at least one digit must be reserved in each field.
        • If the IP address contains a long string of zeros, you can represent the neighboring zeros with double colons (::) in the colon-separated hexadecimal field. Each IP address contains only one double-colon (::). The double-colon (::) can also be used to represent neighboring zeros of the IP address.
        • The IP address cannot be a special address such as a network address, loop address, or multicast address.
      • A domain name has the following requirements:
        • A domain name is not case-sensitive and must be an English domain name.
        • An English domain name contains 1 to 255 characters.
        • An English domain name can only contain letters (a to z, A to Z), digits (0 to 9), dots (.), and hyphens (-). It cannot start or end with a hyphen (-).

      [Example]

      192.168.1.100

      fc00::1234

      www.test.com

    3. Add or remove receiver server addresses.
      • Add receiver server addresses.
        1. Click Add.

          The Add Receiver Server Address dialog box is displayed.

        2. Add receiver server addresses.
        3. Click OK.
      • Remove receiver server addresses.
        1. Select receiver server addresses that you want to remove and click Remove.

  4. (Optional) Click Test to test the connectivity between the storage system and Syslog server.
  5. Click Save.

    The Success dialog box is displayed.

  6. Click OK.
Follow-up Procedure

After the alarm notification by Syslog is configured, alarms will be sent to a specified application server or maintenance terminal. The Syslog alarm format is shown as follows:

Info Receive Time | Facility | Severity | Info 
2013/6/19 10:55:19 | Local7 | Error | alam:<186> 2015-06-19 10:47:10 xxx.xxx.xxx.xxx 240788 0xF00A000C Major(1) Hard disk (Controller Enclosure CTE0, slot 2, serial-number XXXXXX) is in single-link state. 
2013/6/19 10:58:53 | Local7 | Error | alam:<188> 2015-06-19 10:57:50 2015-06-19 10:57:50 xxx.xxx.xxx.xxx 241093 0xF0C90001 Warning(2): The Licence feature (xxx) is going to expire on 2015-08-14.

Output description:

Parameter

Meaning

Description

Info Receive Time

Indicates the time when the Syslog server receives the alarm information.

-

Facility

Indicates the information source.

The Facility field indicates the type of an IP address which can be IPv4 or IPv6. The value of this field is LOG_LOCAL7 or LOG_LOCAL6.

Severity

Indicates the information severity level.

The Severity field indicates the severity of an alarm, which can be emergency, error, warning, or information. The value of this field is Emerg, Error, Warn, or Info.

Info

Indicates the content.

The Info fields have a fixed pattern in content. The first field is the name of the process that sends the message. This field can be left blank when certain versions of Syslog protocols are used.

Information in <> represents the prefix of the Syslog protocol, which is stipulated by the Syslog protocol and indicates the severity level and source.

Info contains the array alarm information.

  • Time when an alarm occurs, for example, 2015-06-19 10:57:50.
  • IP address or device SN. It represents the IP address or SN of the storage device that generates an alarm.
  • Alarm SN. It represents the SN generated within the storage device. The value ranges from 1 to 4294967295, for example 240788.
  • Alarm ID. It represents a type of alarm in hexadecimal format, for example, 0xF00A000C.
  • Alarm severity. Alarm severity includes info, warning, major, and critical.
  • Alarm type. Alarm types include event (0), fault (1), and recovery (2).
  • Alarm content. For example: The license feature (xxx) is going to expire on 2015-08-14.
NOTE:

If an alarm is a recovery alarm, the time that an alarm is cleared will be displayed after the time when the alarm occurs, for example, 2015-06-19 10:57:50.

NOTE:

Info Receive Time, Facility, and Severity are defined by the Syslog server. Different tools may parse them in different perspectives and the results may be different.

Translation
Download
Updated: 2019-07-11

Document ID: EDOC1000181531

Views: 93335

Downloads: 868

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next