Routing all COZ SFTP server mesages to common log
Routing all COZ SFTP server mesages to common log
I'm testing with V4.2 and I noted that you can now route the server logs to JES2 spool. It's OK but you still have to sort through all the output elements to find the one you want. Is there no way to put all the server output into a single log file ? I was thinking maybe having some kind of CRON job to take the /tmp logfiles and write them to a log file each day might be a good workaround, has anyone done something like that ?
Re: Routing all COZ SFTP server mesages to common log
I agree that sending sftp-server logs to spool files is far from ideal, especially considering the extremely odd way that JES2 manages spool files from OMVS jobs. Perhaps you might consider setting up a separate zFS filesystem to use for your Co:Z SFTP server log files?
If you do this, then it is easy to point everyone to it, like:
# in /etc/ssh/sftp-server.rc
SFTP_LOGDIR=/var/log/sftp # for example
Then, you can set up a CRON/scheduled skulker job to delete these over a certain number of days old, and mount the filesystem with FSFULL so that you get console warnings if it approaches being full.
See: "A1) Best Practices" here: https://dovetail.com/docs/pt-quick-inst ... t-tmp.html
There are very good reasons that individual log files are preferred:
- if you run a trace, then the log files can be very large
- if you don't have separate log files, then the connected client can't pull its session log file during the session (using "get /+error.log"). This can be very helpful in some situations.
PS> If you have a commercial license and support agreement, please open a ticket if you would like assistance
If you do this, then it is easy to point everyone to it, like:
# in /etc/ssh/sftp-server.rc
SFTP_LOGDIR=/var/log/sftp # for example
Then, you can set up a CRON/scheduled skulker job to delete these over a certain number of days old, and mount the filesystem with FSFULL so that you get console warnings if it approaches being full.
See: "A1) Best Practices" here: https://dovetail.com/docs/pt-quick-inst ... t-tmp.html
There are very good reasons that individual log files are preferred:
- if you run a trace, then the log files can be very large
- if you don't have separate log files, then the connected client can't pull its session log file during the session (using "get /+error.log"). This can be very helpful in some situations.
PS> If you have a commercial license and support agreement, please open a ticket if you would like assistance