Configuration

The tool is configurable using a basic configuration language providing a structure similar to what’s found in Microsoft Windows INI files.

The order of the sections, and the order of the items within a section isn’t relevant. Nevertheless it’s suggested to leave all sections in the config file and simply switch unneeded features to no or off

Warning

As the configuration file contains user credentials, make sure that it is stored at a secure location with propper permission settings, not to disclose it to nosy eyes!

The config file must be write-able by the tool itself, as it uses it to remember state between its runs.

The configuration file explained

HCP system(s) to collect from

One or more HCP systems can be configured for log collection by adding more than a single [target ...] header. Make sure to replace ... by an unique identifier for each target section!

  • fqdn needs to start with admin.; using an IP address is not supported.
  • user needs to be a system level user, having the Admin and Monitor role.
  • folder is the target folder below the path specified in the [... archive store] section.
  • last collected will be used by the tool to remember the last collection date
[target hcp72]
fqdn = admin.hcp72.domain.com
user = logmon
password = secret
folder = hcp72
last collected =

[target hcp73]
fqdn = admin.hcp73.domain.com
user = logmon
password = secret
folder = hcp73
last collected =

Log type selection

The [access log] section allows to select the required logs.

  • access - user requests
  • admin - access to the Management Consoles
  • mapi - requests to the Management API
  • omit empty - 0-byte files will be skipped if set to yes
[access logs]
access = yes
admin = yes
mapi = yes
# do not transfer empty logfiles
omit empty = yes

Storage locations

The [local archive store] section defines where to store the downloaded logs locally.

[local archive store]
enable = yes
# path should to be an absolute path
path = /tmp/hcplogs

The [compliant archive store] section defines where to archive the downloaded logs on an HCP system.

  • path needs to be full qualified - including http or https and the target folder within the namespace
  • user needs to have write permission for the namespace
  • retention can be any valid retention string, as described in the HCP - Using a Namespace manual (0 means deletion allowed)
[compliant archive store]
enable = yes
# path needs to be a full qualified Namespace and folder
path = https://namespace.tenant.hcp72.domain.com/rest/accesslogs
# a user having write permission to the namespace
user = n
password = secret
# retention needs to be a valid HCP retention string
retention = 0

Logging

The [logging ] section defines where the tool writes its output to. If logging to file is enabled, logfiles are auto-rotated and limited to the given number of backups.

  • status query tells after how many seconds a status update shall be logged while HCP is preparing the logs for download.
  • debug enables more detailed and very chatty logging.
[logging]
log to stdout = yes
log to file = yes
logfile = /tmp/hcplogs/_hcplogs.log
rotateMB = 10
backups = 9
status query = 10
debug = no

Temporary storage

This section defines where temporary files will be stored. This is needed for unpacking and decompressing the downloaded file, and the preparation for archiving. The content will be deleted while the tool finishs.

[temporary store]
# used for download/de-compression and handling the logs
# will be cleaned up when the tool has finished its work
tempdir = .