NAME

catlogger - asynchronous log dispatcher

SYNOPSIS

 catlogger [-D debugspec] [-R configroot] [-BE] [-b file] [-e file] [-o]

DESCRIPTION

Catlogger is an asynchronous log dispatcher capable of reading log spool files and dispatching log messages to the ELS or the Keon Bridge.

This program is usually started by catd. Agents configured for asynchronous logging write their log messages to a spool file. catlogger then processes the spool file and sends the messages in it to the appropriate destination.

OPTIONS

-D debugspec
Set the debug level, debug output file, and other debug control options supported by caterr_setdebug. The simplest form of debug specification is the debug level indicated by a single digit. The higher the level, the more detailed the output.

-R configroot
Specify the directory where the configuration files are located. This option overrides environment variable CATCONFDIR.

On UNIX, this is a file path; on Windows NT, this is a path in the registry.

-B
Read the standard Keon 4.x spool file and send log entries found in that file to a Keon Security Server 4.x.

-E
Read the standard ELS spool file and send log entries found in that file to a Keon Security Server 5.0.

-b file
Read log entries from file and forward them to a Keon Security Server 4.x. Multiple occurrences of this option can be specified.

-e file
Read log entries from file and forward them to a Keon Security Server 4.x. Multiple occurrences of this option can be specified.

-o
Process files only once and stop after all entries have been sent or if the server cannot be contacted.

CONFIGURATION PARAMETERS

.global.boks.logfile
Log spool file for asynchronous logging to a Keon Security Server 4.x.

.global.boks.nodekey
Keon 4.x node key.

.global.boks.nodekeyfile
If no node key configuration value is found, catd will look for a file containing the node key. This parameter or the Keon 4.x node key is required if logging to the Bridge is desired.

.global.boks.domain
The Keon 4.x domain. If not present, catlogger will default to 6500.

.global.boks.myaddress
The ID (IP address) to be used in Keon 4.x packets. The default is from the network interface.

.global.boks.servers
Keon 4.x server list: address[,address]... The default is broadcast only.

.global.ca.dbfile
File containing all trusted CAs. This is needed only for logging to the ELS.

.global.els.dontverifyserver
If > 0, ignore the ELS server certificate in the event that the signing CA was unavailable. (This parameter is used for testing.)

.global.els.logfile
Log spool file for asynchronous logging to ELS.

.global.els.servers
Log servers: address:port[,address:port] Required if logging to the ELS is desired.

.global.log.failsleep
If catlogger fails to send a log message, it will sleep for this number of seconds before trying again.

Default is 60.

.global.log.pollsleep
This is the interval, in seconds, with which catlogger polls the spool files to see if new entries have arrived.

The default is 10 seconds.

.global.log.maxrun
The time-to-live for the process, in seconds, before catd shuts itself down.

The default is approximately 12 hours.

ENVIRONMENT

UNIX only.

CATCONFDIR
catlogger uses this variable to determine the root of the configuration files. If this variable is present, it can be overridden by the -R option.

CATDEBUG
Setting this variable is equivalent to starting catlogger with the -D option.

SEE ALSO

cat, catd, config, caterr_setdebug