|
||||||||||||||
Centralized Archive of Log FilesEventLog Analyzer Distributed Edition can support centralized archiving of event logs received from each host. In the normal deployment of distributed edition, the archived files are stored in the respective Managed Servers. The Centralized Archive feature has to be enabled in the Admin Server and there is no configuration required to be done in the Managed Servers. Description The Centralied Archive feature mechanism is explained below: In centralized archiving of the distributed set up, the logs are zipped at periodic intervals and the archive file is transported to the Admin Server using Secured Shell (SSH). The archive file will be received by the Admin Server and confirmation message for the receipt of the file is sent by the Admin Server to the respective Manage Server. Managed Server upon receiving the confirmation message deletes the archive file.
Configuring Centralized Archive In the Admin Server, select Configurations tab > Archive section: Archived Files link. The Archive Files screen opens up. Click Centralized Archive Settings link to configure the centralized archive settings. The File Archive Settings screen pops up.
To enable the Centralized Archive in the distributed set up, select the Enable Centralized Archive check box. If Centralized Archive is enabled, EventLog Analyzer transfers all the files from Managed Server to Admin Server using Secure Copy (SCP). SCP is based on SSH. SSH Server will be started with the below configurations if Centralized Archive is enabled.
Trouble Shooting Tips: If the Centralized Archive is enabled, the SSH Server will be started with the configured values. If the SSH Server fails to start, then Failed status will be indicated besides the Centralized Archive Settings link. If the SSH Server is not getting started, there could be two reasons:
|
||||||||||||||
