|
|
There are two kinds of message logging that you, as System Manager, can use to
monitor and manage Internet Services on your system. The first type is event
logging, which is always enabled. It records informational messages, error
messages and warnings about the Internet Services. The second type is
connection logging, which you can enable and disable. It records successful and
failed connection attempts and its own status (on or off). Both event logging
and connection logging write messages to the $STDLIST device for
inetd and, in some cases, to the system console.
The kinds of informational, error, and warning messages that are always
reported for inetd, and what they mean, are listed in the
"Troubleshooting" section, later in this chapter. Connection logging is
explained next.
Connection Logging
When connection logging is enabled, the Internet daemon records
both successful and failed attempts to establish a connection with
the host system you are managing. Reviewing the log file can give
you important information for managing the Internet Services on
your system including:
Which services are heavily used and which are not.
Identity of the clients using the Internet Services on your
system.
Pattern of usage, daily, weekly or monthly, for example, for a
particular service or set of services.
Which host(s) are being used for unsuccessful connection attempts,
which can indicate who may be attempting to access to your system
without authorization.
The syntax of the messages you will see appears here:
<<server>><<protocol>><<user>><<program>>
<<status>>:<<error-msg>>
Enable and Disable Connection Logging
The same command turns connection logging on or off, depending
upon its current state. So, for example, if message logging is currently disabled,
enter the following command at the CI prompt to turn it on:
:INETD.NET.SYS -1''
Or, from the POSIX shell, enter the following command:
$/etc/inetd -1
If message logging is enabled, use either the CI or POSIX
command shown above to turn it off.
|