Enable Archiving on NSM - establish an SSH trust relationship between two linux servers

1. Be sure to set a preshared SSH key between the NSM device server and the remote server (Establishing Trust Relationship) as described below:

You also need to ensure that you have established an SSH trust relationship between the primary and secondary servers.
The instructions for Linux are as follows:

a. Run the following commands on the primary server:

cd /root
ssh-keygen -t rsa
chmod 0700 .ssh

The result of the process is the creation of a hidden directory called .ssh under /root which contains two text files (public and private key).

b. Run the following commands on the secondary server:

cd /root
ssh-keygen -t rsa
chmod 0700 .ssh

c. You then need to copy the public key called .ssh/id_rsa.pub to the peer server manually and place it in .ssh/authorized_keys. For example, you would run the following command:

scp .ssh/id_rsa.pub root@<IP addr NSM2>: /root/.ssh/authorized_keys

d. You then need to copy .ssh/id_rsa.pub to the peer machines’ .ssh/authorized_keys. For example:

scp .ssh/id_rsa.pub root@<IP addr NSM1>: /root/.ssh/authorized_keys

e. You should test connectivity via SSH from the primary server to the secondary server and vice versa. For example, to test SSH connectivity from NSM Server1 to NSM Server2, type the following command:

ssh root@<IP ADDRESS of Secondary Server>

f. Validate that you do not receive a prompt to enter a password to access the secondary server.

2. Login to NSM as super or another system administrator with server management privileges. 

3. Select Server Manager > Servers from the tree on the left. 

4. Double click server_1 (Device Server) from the top section of the right pane. 

5. Select the Disk and Log Management tab in the new window that comes up. 

6. From the Archive Database Type pulldown menu, select Remote. A yellow alert triangle will appear indicating the need to create preshared SSH keys on the remote server. 

7. In the archive location, type 
root@<remote.server.ip.address>:/<path/to/archive/storage/location>

For example, [email protected]:/var/nsmDeviceServerLogs 

8. From the Remote Archive Method pulldown menu, select SCP 

9. Click OK 

10. Select the Tools Menu > Log Management > Archive Logs on NSM 

11. Select a date range and click OK.

NOTE: Be sure that the target directory used in step 7 exists on the remote server. Currently if this directory does not exist, the remote archive will report success but no files will be copied and no error logs generated. 

To verify the success of the archive procedure, login to the remote server and look for files of the format YYYYMMDD_<No>.tar.gz  (where YYYYMMDD is the date of the archived log files and <No> is the archive number

------------------------------------------------

NSM 2007.1 How to archive device server logs to a remote server

[KB9642] Show KB Properties

---

SUMMARY:

NSM 2007.1 provides a feature through which device server logs can be archived to a remote server.

PROBLEM OR GOAL:

When configuring NSM device server to archive log files to a remote server, the method for setting the configuration options is somewhat unclear.

SOLUTION:

1. Be sure to set a preshared SSH key between the NSM device server and the remote server as described in the "Establishing a Trust Relationship" section of the NSM 2007.1 Installers Guide.


2. Login to NSM as super or another system administrator with server management privileges.


3. Select Server Manager > Servers from the tree on the left.


4. Double click server_1 (Device Server) from the top section of the right pane.


5. Select the Disk and Log Management tab in the new window that comes up.


6. From the Archive Database Type pulldown menu, select Remote. A yellow alert triangle will appear indicating the need to create preshared SSH keys on the remote server.


7. In the archive location, type root@<remote.server.ip.address>:/<path/to/archive/storage/location>
   For example, [email protected]:/var/nsmDeviceServerLogs


8. From the Remote Archive Method pulldown menu, select SCP


9. Click OK


10. Select the Tools Menu > Log Management > Archive Logs on NSM


11. Select a date range and click OK.
    
    NOTE: Be sure that the target directory used in step 7 exists on the remote server. Currently if this directory does not exist, the remote archive will report success but no files will be copied and no error logs generated.

To verify the success of the archive procedure, login to the remote server and look for files of the format YYYYMMDD_<No>.tar.gz  (where YYYYMMDD is the date of the archived log files and <No> is the archive number).