Configuration¶
The tool is configurable using a basic configuration language providing a structure similar to what’s found in Microsoft Windows INI files.
The order of the sections, and the order of the items within a section isn’t
relevant. Nevertheless it’s suggested to leave all sections in the config
file and simply switch unneeded features to no
or off
Warning
As the configuration file contains user credentials, make sure that it is stored at a secure location with propper permission settings, not to disclose it to nosy eyes!
The config file must be write-able by the tool itself, as it uses it to remember state between its runs.
The configuration file explained¶
HCP system(s) to collect from
One or more HCP systems can be configured for log collection by adding more than a single
[target ...]
header. Make sure to replace...
by an unique identifier for each target section!
- fqdn needs to start with
admin.
; using an IP address is not supported.- user needs to be a system level user, having the Admin and Monitor role.
- folder is the target folder below the path specified in the
[... archive store]
section.- last collected will be used by the tool to remember the last collection date
[target hcp72] fqdn = admin.hcp72.domain.com user = logmon password = secret folder = hcp72 last collected = [target hcp73] fqdn = admin.hcp73.domain.com user = logmon password = secret folder = hcp73 last collected =
Log type selection
The
[access log]
section allows to select the required logs.
- access - user requests
- admin - access to the Management Consoles
- mapi - requests to the Management API
- omit empty - 0-byte files will be skipped if set to
yes
[access logs] access = yes admin = yes mapi = yes # do not transfer empty logfiles omit empty = yes
Storage locations
The
[local archive store]
section defines where to store the downloaded logs locally.[local archive store] enable = yes # path should to be an absolute path path = /tmp/hcplogsThe
[compliant archive store]
section defines where to archive the downloaded logs on an HCP system.
- path needs to be full qualified - including http or https and the target folder within the namespace
- user needs to have write permission for the namespace
- retention can be any valid retention string, as described in the HCP - Using a Namespace manual (0 means deletion allowed)
[compliant archive store] enable = yes # path needs to be a full qualified Namespace and folder path = https://namespace.tenant.hcp72.domain.com/rest/accesslogs # a user having write permission to the namespace user = n password = secret # retention needs to be a valid HCP retention string retention = 0
Logging
The
[logging ]
section defines where the tool writes its output to. If logging to file is enabled, logfiles are auto-rotated and limited to the given number of backups.
- status query tells after how many seconds a status update shall be logged while HCP is preparing the logs for download.
- debug enables more detailed and very chatty logging.
[logging] log to stdout = yes log to file = yes logfile = /tmp/hcplogs/_hcplogs.log rotateMB = 10 backups = 9 status query = 10 debug = no
Temporary storage
This section defines where temporary files will be stored. This is needed for unpacking and decompressing the downloaded file, and the preparation for archiving. The content will be deleted while the tool finishs.
[temporary store] # used for download/de-compression and handling the logs # will be cleaned up when the tool has finished its work tempdir = .