GTAsyslog

The GTAsyslog configuration dialog in DBmanager allows the user to select logging optionsñhow the GTAsyslog and LogView utilities operate, and how GTA Reporting Suite accesses recorded data. With a license, GTAsyslog writes data to GTA Reporting Suite, as well as to the circular file.

Requirements

GTAsyslog Installation

  1. Read the license agreement; if you accept the terms, click YES.

  2. Select an installation destination for the utilities. (C:\Program Files\GTA)

  3. Select an installation destination for the log files. (C:\Program Files\GTA\GTAsyslog\Logs)

  4. Choose the typical (default) setup to install the utilities ñ GTAsyslog, DBmanager and LogView ñ and Documentation.

  5. Review installation, then allow the installer to continue.

  6. In the Select Service Owner window, enter the user name and password for an administrator-level local account The account will be set up if it does not already exist. (GTAsyslog will be run in the context of the Service Owner user identity. For instructions on changing GTAsyslogís identity, see Chapter 6 ñ Troubleshooting.)

  7. Select whether to install program icons and the Java Runtime Environment (JRE).

  8. Complete the installation of the JRE, if selected, and GTAsyslog.

Database Conversion

If a database already exists on your system, and the GTAsyslog installation detects it, a conversion dialog will appear. These functions can also be performed from the Database menu in DBmanager.

GTAsyslog Configuration

The GTAsyslog configuration dialog allows the administrator to select how GTAsyslog operates, where log files are kept, and which ports will be used by GTAsyslog and LogView. GTAsyslog writes data both to a circular file and to the database configured for GTA Reporting Suite and allows desired firewalls to be substituted for those that are currently monitored.

Circular File

GTAsyslog automatically writes log data to a circular file in the standard WebTrends Enhanced Log Format (WELF). The file buffer size is dependent on the system and memory configuration. When the buffer is filled, GTAsyslog begins writing over older data. For instance, if the maximum number of files is five, and the maximum size of each log is 400 kilobytes, then when five log files each have been written, the first log file will be overwritten by the next consecutive log file. Circular file data can be viewed as it is written using LogView. Logs can be opened as text in a text editor.

Licensed Firewalls

Once GTA Reporting Suite has been licensed, GTAsyslog begins logging the data of firewalls that report. All firewall information will go to the circular file, but if the number of firewalls logging exceeds the number of GTA Reporting Suite licenses, GTAsyslog will log the data of the first firewalls to report, up to the number of licenses, and no others will be able to log to the database.

Current Firewalls (Add and Delete Monitored Firewalls)

GTAsyslog provides a way to substitute different firewalls for those currently monitored; this is mostly used in the case when the number of firewalls reporting to GTAsyslog exceeds the number of licenses, and other firewalls besides those that reported first are desired.

GTAsyslog Fields

GTAsyslog Port Default ñ 514.

LogView Port Default ñ 2630.

Max number of files Log entries retained before overwriting. Default 20.

Max sixe of each file Maximum file size for each log. Default ñ 400 K.

File Directory Circular log file name and location. Default C:\GTA\GTAsyslog\Logs.

Current Firewalls Host names of firewalls monitored by GTAsyslog for GTA Reporting Suite.

(New firewall icon) Add a firewall to the monitored list manually.

(Delete icon) Stop monitoring a reporting firewall.

¨ Note

GTA Reporting Suite requires compatible log files in WELF. GTA recommends using GTAsyslog log files.