5.10 Starting a Linux Endpoint

The endpoint program starts automatically each time Linux is rebooted.

If you want to see any error messages generated at this endpoint, enter one of the following:

for Slackware:

tail -f /var/adm/endpoint.console 

for Red Hat or Cobalt:

tail -f /var/local/endpoint.console 

The detailed information about the start and stop of each individual connection pair is written to file endpoint.aud. The contents of this file vary depending on how you set the SECURITY_AUDITING keyword in your endpoint.ini file. For more information, see Section 2.0, Endpoint Initialization File.

Instead of automatic startup, you can choose to manually start the endpoint program at a command prompt. Ensure you are logged in as a “root” user. To start the endpoint, enter the following:

/usr/local/NetIQ/endpoint &

The “&” parameter indicates to Linux the endpoint program should run in the background. The screen output from the endpoint program is interleaved with other UNIX commands. Just press Return to enter more commands.

If you manually start the endpoint, consider redirecting its output to the endpoint.console file. You can tell by the time stamp of the file when the endpoint program was started or stopped.

If the endpoint program is already running, you get the following message: CHR0183: The endpoint program is already running. Only one copy is allowed at a time.

Use the ps command to check all running processes and ensure the endpoint is running. For more information, see Section 5.12, How to Tell Whether a Linux Endpoint Is Active.

If you repeatedly get error message CHR0183 but it appears the endpoint is not running, you may need to do some extra cleanup. Check for the hidden file /usr/local/NetIQ/NETIQ.ENDPOINT.PID by using the ls -a command. This file should be manually removed.