Sentinel Log Manager archives data in a compressed format for the long-term storage. Several types of storage options are supported:
Local Storage or SAN: The local storage or storage network area (SAN) option includes storage that is attached directly to the Sentinel Log Manager machine. This option provides the best combination of performance, security, and reliability. This is a preferable storage option in comparison to common internet file system and network file system.
CIFS: The common internet file system (CIFS) protocol provides better performance and security than NFS.
NFS: The network file system (NFS) protocol requires significant configuration to improve performance and security, and it is mandatory only if you already have a well-established NFS infrastructure in your environment.
If the archive destination is an NFS or CIFS server, additional configuration is necessary to ensure that the Sentinel Log Manager server has the necessary permissions. The configurations in this section are for server settings; it is also necessary to configure archiving in the Sentinel Log Manager administrator interface. For more information, see Configuring Data Storage
in the Sentinel Log Manager 1.0.0.4 Administration Guide.
The configuration steps described in this section only apply in environments where the event archive destination is a CIFS server. For security reasons, you should change the following settings to limit the access to the archived data.
Log into the Sentinel Log Manager server as novell.
Open the server.conf file for editing. This file is located in the Install_Directory/config directory.
Find the wrapper.java.additional.38 setting and modify it to:
wrapper.java.additional.38=-Dnovell.sentinel.mount.options=file_mode=0660,dir_mode=0770
Save the file.
Restart the Sentinel Log Manager process by using the following command:
Install_Directory/bin/server.sh restart
The configuration steps described in this section only apply in environments where the event archive destination is an NFS server. These configuration settings include configuration of both the NFS archive server and the NFS client. The exact steps can vary based on the NFS server software and operating system,. Consult with your NFS system administrator before making any changes.
The NFS server needs to export (share) the archive volume to the Sentinel Log Manager server so that the archive is readable by root user on the Sentinel Log Manager server. Following settings describe one of the method to achieve this readability:
The NFS server must have a user and a group with a UID and a GID that correspond to the novell user and group on the Sentinel Log Manager server.
In the following examples, if the user on the NFS server is novell with UID=5555 and the group is novell with GID=5555. The Sentinel Log Manager server has a hostname log-manager-server, which can be resolved by the NFS server.
The archive destination directory on the NFS server must be owned by the novell user and group. In the following examples, the archive destination is /archive.
The root user on the Sentinel Log Manager server must be mapped to the novell user and group on the NFS server.
Linux (/etc/exports file)
/archive log-manager=server(rw,root_squash,anonuid=5555,anongid=5555)
Solaris (/etc/dfs/dfstab file)
/usr/bin/share -F nfs -o sec=sys,rw=log-manager-server,anon=5555 -d “/archive” /archive
HPUX (/etc/exports file)
archive -access=log-manager-server,anon=5555
For performance reasons, you can add the async option to make the archiving process faster. However, this may increase the risk of a lost or corrupt archive, if the NFS server crashes. The following examples demonstrate the addition of the async option:
Linux (/etc/exports file)
/archive log-manager=server(rw,root_squash,anonuid=5555,anongid=5555),async
HPUX (/etc/exports file)
archive -access=log-manager-server,anon=5555,async
For information about security recommendations for using NFS, see Securing Sentinel Data
in the Sentinel Log Manager 1.0.0.4 Administration Guide.
With the default settings for mounting an NFS archive volume search requests can hang indefinitely, if the NFS server becomes unavailable. For performance reasons, you can configure a time-out setting for the search. However, after this change, restart Sentinel Log Manager process when the NFS server becomes available again to search for the archived data.
NOTE:Manual NFS client configuration is not required for Sentinel Log Manager 1.0.0.1 and later, as by default the client settings are set automatically starting from this version.
Log in to the Sentinel Log Manager server as the novell user.
Open the server.conf file for editing. This file is located in the Install_Directory/config directory.
Find the wrapper.java.additional.38 setting and modify it:
wrapper.java.additional.38=-Dnovell.sentinel.mount.options=soft,proto=tcp,retrans=1,timeo=60
Save the file.
Restart the Sentinel Log Manager process by using the following command:
Install_Directory/bin/server.sh restart