Table of Contents
Advertisement
Managing Log Volume
Automatic Device Log Cleanup
Copyright © 2010, Juniper Networks, Inc.
Security administrators have different requirements for the number of log entries they
need to retain. As directed by their corporate security policy, some administrators must
keep all log entries, resulting in large numbers of log entries that the administrator might
not have time to review, but needs to store.
To manage log volume, you can use the NSM UI to both archive and purge logs.
NOTE: Excessive logging creates additional traffic on your network. It is
recommended that you balance your logging needs with the performance
needs of your management system.
You can also export your log records to other formats for use in other applications. For
details on how to forward logs, see "Forwarding Logs" on page 796.
In NSM, logs are gathered and stored by the Device Server. In a given deployment, the
Device Server can be deployed on the same machine as the GUI Server or on a separate
machine. When determining disk space requirements for NSM, you must consider a log
management strategy that optimizes the performance of your management system.
The
/usr/netscreen/DevSvr/var/devSvr.cfg
you can use to manage log disk space.
—If you configure this parameter, the Device Server triggers a
storageManager.alert
warning when the available disk space falls below the configured value. The default
value is 1500 MB. The user receives an e-mail alert about the low availability of free
disk space on the Device Server.
NOTE: Use the Server Manager node in the NSM UI to configure e-mail
notification. Refer to "Configuring Servers" on page 698 for more information.
storageManager.minimumFreeSpace
free disk space value. The default is 1000 MB. If the available disk space falls below
the configured value, the Device Server begins to purge logDb data starting from the
earliest date in the logs directory until the available disk space reaches the configured
value. However, if the free disk space is lower than the configured value of the
storageManager.Threshold
down automatically.
storageManager.threshold
disk space which if breached, causes the Device Server to automatically shut down.
The default value is 800 MB.
file contains log cleanup parameters that
— With this parameter you can configure a minimum
prior to the current day of log data, the Device Server shuts
—With this parameter, you can define a threshold for available
Chapter 19: Logging
793
Advertisement
Table of Contents
