|
|
There are two kinds of message logging that you, as System Manager, can use to
monitor and manage Internet Services on your system. The first type is event
logging, which is always enabled. It records informational messages, error
messages and warnings about the Internet Services. The second type is
connection logging, which you can enable and disable. It records successful
and failed connection attempts and its own status (on or off). Both event
logging and connection logging write messages to the $STDLIST device
for inetd and, in some cases, to the system console.
The kinds of informational, error, and warning messages that are always
reported for inetd, and what they mean, are listed in the
"Troubleshooting" section, later in this chapter. Connection logging is
explained next.
Connection Logging
When connection logging is enabled, the Internet daemon records both
successful and failed attempts to establish a connection with the host system
you are managing. Reviewing the log file can give you important information
for managing the Internet Services on your system including:
- Which services are heavily used and which are not.
- Identity of the clients using the Internet Services on your system.
- Pattern of usage, daily, weekly or monthly, for example, for a
particular service or set of services.
- Which host(s) are being used for unsuccessful connection attempts, which
can indicate who may be attempting to access to your system without
authorization.
The syntax of the messages you will see appears here:
<<server>><<protocol>><<user>><<program>>
<<status>>:<<error-msg>>
Enable and Disable Connection Logging
The same command turns connection logging on or off, depending upon its
current state. So, for example, if message logging is currently disabled,
enter the following command at the CI prompt to turn it on:
:INETD.NET.SYS -1''
Or, from the POSIX shell, enter the following command:
$/etc/inetd -1
If message logging is enabled, use either the CI or POSIX command shown above
to turn it off.
|