We plan to add the following to /etc/ssh/sftp-server.rc to send sftp server logs to the spool:
SFTP_LOG_SYSOUT=true # required
SFTP_SYSOUT_CLASS=1 # optional
unset SFTP_LOGFILE # don't set this
export _BPX_JOBNAME=COZLOG # recommended
I am wondering if every non uid=0 userid will need READ access to FACILITY BPXJOBNAME ?
Sending COZSFTP server logs to JES spool
Re: Sending COZSFTP server logs to JES spool
Please can you elaborate on why export _BPX_JOBNAME=COZLOG is recommended. Is there a reason this is set to a name that is 6 characters?
Re: Sending COZSFTP server logs to JES spool
_BPX_JOBNAME=COZLOG is an environment variable that causes any new forked OMVS address spaces to get a specific jobname.
When you send logs to the jes spool, there is a new OMVS address space that runs to capture and write the spool file, so using this makes is a *little* easier to find stuff.
We really don't recommend that you use this feature, since:
- the spool files are difficult to find due to the crazy way that spool files are organized by z/OS for OMVS jobs.
- you lose the ability to do a "get /+error.log" from the remote client to get the log from the current job, which is very useful to the remote client for error dianosis.
- The extra OMVS job for writing to the JES spool is extra overhead
- Its just better in our opinion to set up a separate zFS filesystem for log files. The new "SFTP_LOG_KEEP_DAYS" settting in sftp-server.rc (added in V5.5.0) will automatically remove old files so you don't need a separate file skulker job anymore.
When you send logs to the jes spool, there is a new OMVS address space that runs to capture and write the spool file, so using this makes is a *little* easier to find stuff.
We really don't recommend that you use this feature, since:
- the spool files are difficult to find due to the crazy way that spool files are organized by z/OS for OMVS jobs.
- you lose the ability to do a "get /+error.log" from the remote client to get the log from the current job, which is very useful to the remote client for error dianosis.
- The extra OMVS job for writing to the JES spool is extra overhead
- Its just better in our opinion to set up a separate zFS filesystem for log files. The new "SFTP_LOG_KEEP_DAYS" settting in sftp-server.rc (added in V5.5.0) will automatically remove old files so you don't need a separate file skulker job anymore.