HP 6125G HP Networking guide to hardening Comware-based devices - Page 14

Do not log to console or monitor sessions With HP Comware software, it is possible to send log messages to monitor sessions and to the console. Monitor sessions are interactive management sessions in which the EXEC command terminal monitor has been issued. However, sending such messages can elevate the CPU load of a Comware device and therefore is not recommended. Instead, you are advised to send logging information to the local log buffer, which can be viewed by using the display logbuffer command. Use the system-view configuration commands info-center source default channel console log state off and info-center source default channel monitor log state off to disable logging to the console and monitor sessions. The following configuration example shows the use of these commands: # info-center source default channel console log state off info-center source default channel monitor log state off # server: # info-center loghost # For more information on log correlation, see "Information Center" in the Network Management and Monitoring Configuration Guide. Use buffered logging HP Comware software supports the use of a local log buffer so that an administrator can view locally generated log messages. The use of buffered logging is highly recommended versus logging to either the console or monitor session. There are two configuration options that are relevant when configuring buffered logging: the logging buffer size and the message severities that are stored in the buffer. The size of the logging buffer is configured with the system-view configuration command info-center logbuffer size. The lowest severity included in the buffer is configured using the info-center source default channel logbuffer log level command. An administrator is able to view the contents of the logging buffer through the display logbuffer EXEC command. The following configuration example includes the configuration of a logging buffer of 1,024 items, as well as a severity of 6 (informational), indicating that messages at levels 0 (emergencies) through 6 (informational) are stored: # info-center logbuffer size 1024 info-center source default channel logbuffer log level informational # For more information, see "Information Center" in the Network Management and Monitoring Command Reference Guide. Configure logging source interface In order to provide an increased level of consistency when collecting and reviewing log messages, you are advised to statically configure a logging source interface. Accomplished by using the info-center loghost source interface command, statically configuring a logging source interface helps ensure that the same IP address appears in all logging messages that are sent from an individual HP Comware device. For added stability, you are advised to use a loopback interface as the logging source. The following configuration example illustrates the use of the info-center loghost source command to specify that the IP address of the loopback 0 interface be used for all log messages: # info-center loghost source Loopback 0 # For more information, see "Information Center" in the Network Management and Monitoring Command Reference Guide. 14