This topic discusses how to set up an IBM i (i5/OS) running on IBM Power Systems (System i, iSeries) to route messages to SYSLOG on a remote UNIX system. This is done by using programs supplied as part of the IBM i that run in the PASE environment. The PASE environment is a standard free component of the IBM i that runs a subset of AIX with binary compatibility.
The path of a message is:
logger: This AIX command sends a message to the SYSLOG daemon on the local system.
syslogd: This is the SYSLOG daemon, and it routes log messages for the entire system. One of the options is to forward the message to another system, which is the one we will be using for this exercise.
We have assumed for this topic that SYSLOG is not currently configured or being used.
Check that PASE is installed on your system. This is IBM i option 33, and is distributed free of charge with the operating system.
The first thing to do is to configure the SYSLOG daemon to route selected messages to the remote UNIX system. This is done using the file QOpenSys/etc/syslog.conf.
It is important that you use a UNIX editor or a Windows-based editor that is able to write ASCII files in UNIX format to create this file. UNIX terminates lines with a Line Feed character; Windows uses Carriage Return and Line Feed, which will not work with SYSLOG. The people running the system you intend to route the message to might be the best people to speak to about creating this file.
The file should contain one line, which tells SYSLOG to route messages from a particular facility to a remote server. We suggest using facility local0, or the administrator for your target system may have another suggestion. The following line will route all messages for local0 of severity debug and above (which means all messages) to a server called SyslogTarget:
Note that a tab character must be used between the facility name and the server name; a space will not work. The line must end with a newline (LF) character. Once the file has been created, use FTP to move it into the IFS:
SYSLOG will use the IBM i DNS configuration to resolve the host name, so no further configuration is required. The name can be resolved from the system’s hosts table (CFGTCP option 10), or from the corporate DNS server. A dotted decimal address (such as 184.108.40.206) could be used instead, but it's recommended that a symbolic name be used for ease of maintenance.
The SYSLOG daemon will need to be started; this should be added to the system initial start-up routine. The following command starts the SYSLOG daemon in subsystem QSYSWRK, the SYSLOG profile is one we have created for this purpose:
The user name must have *ALLOBJ authority, as only a super user can start the daemon.
The following MMSNDSLM command will send a message to be routed by syslogd:
This command can be added to an auto-reply rule to provide the ability to route messages through to SYSLOG on a UNIX platform.
This example shows any changes to the system values being forwarded:
Pressing F10 shows the previously mentioned MMSNDSLM command with some variables being passed from the message:
This is the type of view as it would appear on the UNIX platform:
If it does not work the first time, try running syslogd interactively with the debug switch. This must be done from a PASE interactive session, which is started with:
call qp2term '/QOpenSys/usr/bin/-bsh'
Enter the command
syslogd -d to run syslog with debug output. It reports on the configuration file validity and on each message received and passed on.
Note also that SYSLOG uses UDP on port 514 to pass its messages around; intervening firewalls may not be configured to allow this.
Still have questions? We can help. Submit a case to Technical Support.