catlogger - asynchronous log dispatcher
catlogger [-D debugspec] [-R configroot] [-BE] [-b file] [-e file] [-o]
Catlogger is an asynchronous log dispatcher capable of reading log spool files and
dispatching log messages to the ELS or the Keon Bridge.
This program is usually started by catd. Agents configured for asynchronous logging write their log messages to a
spool file. catlogger then processes the spool file and sends the messages in it to the
appropriate destination.
- -D debugspec
-
Set the debug level, debug output file, and other debug control options
supported by caterr_setdebug. The simplest form of debug specification is the debug level indicated by
a single digit. The higher the level, the more detailed the output.
- -R configroot
-
Specify the directory where the configuration files are located. This
option overrides environment variable CATCONFDIR.
On UNIX, this is a file path; on Windows NT, this is a path in the
registry.
- -B
-
Read the standard Keon 4.x spool file and send log entries found in that
file to a Keon Security Server 4.x.
- -E
-
Read the standard ELS spool file and send log entries found in that file to
a Keon Security Server 5.0.
- -b file
-
Read log entries from file and forward them to a Keon Security Server 4.x. Multiple occurrences of
this option can be specified.
- -e file
-
Read log entries from file and forward them to a Keon Security Server 4.x. Multiple occurrences of
this option can be specified.
- -o
-
Process files only once and stop after all entries have been sent or if the
server cannot be contacted.
- .global.boks.logfile
-
Log spool file for asynchronous logging to a Keon Security Server 4.x.
- .global.boks.nodekey
-
Keon 4.x node key.
- .global.boks.nodekeyfile
-
If no node key configuration value is found, catd will look for a file containing the node key. This parameter or the Keon
4.x node key is required if logging to the Bridge is desired.
- .global.boks.domain
-
The Keon 4.x domain. If not present, catlogger
will default to 6500.
- .global.boks.myaddress
-
The ID (IP address) to be used in Keon 4.x packets. The default is from the
network interface.
- .global.boks.servers
-
Keon 4.x server list: address[,address]... The default is broadcast only.
- .global.ca.dbfile
-
File containing all trusted CAs. This is needed only for logging to the
ELS.
- .global.els.dontverifyserver
-
If > 0, ignore the ELS server certificate in the event that the signing
CA was unavailable. (This parameter is used for testing.)
- .global.els.logfile
-
Log spool file for asynchronous logging to ELS.
- .global.els.servers
-
Log servers: address:port[,address:port] Required if logging to the ELS is
desired.
- .global.log.failsleep
-
If catlogger fails to send a log message, it will sleep for this number of seconds
before trying again.
Default is 60.
- .global.log.pollsleep
-
This is the interval, in seconds, with which catlogger polls the spool files to see if new entries have arrived.
The default is 10 seconds.
- .global.log.maxrun
-
The time-to-live for the process, in seconds, before catd shuts itself down.
The default is approximately 12 hours.
UNIX only.
- CATCONFDIR
-
catlogger uses this variable to determine the root of the configuration files. If
this variable is present, it can be overridden by the
-R
option.
- CATDEBUG
-
Setting this variable is equivalent to starting catlogger with the
-D
option.
cat, catd, config, caterr_setdebug