Sunday, January 18, 2015

Location of vCenter Server log files

The vCenter Server logs are placed in a different directory on disk depending on vCenter Server version and the deployed platform:
  • vCenter Server 5.x and earlier versions on Windows XP, 2000, 2003: %ALLUSERSPROFILE%\Application Data\VMware\VMware VirtualCenter\Logs\
  • vCenter Server 5.x and earlier versions on Windows Vista, 7, 2008: C:\ProgramData\VMware\VMware VirtualCenter\Logs\
  • vCenter Server Appliance 5.x: /var/log/vmware/vpx/ 
  • vCenter Server Appliance 5.x UI: /var/log/vmware/vami
     
    Note: If the service is running under a specific user, the logs may be located in the profile directory of that user instead of %ALLUSERSPROFILE%.
vCenter Server logs are grouped by component and purpose:
  • vpxd.log: The main vCenter Server logs, consisting of all vSphere Client and WebServices connections, internal tasks and events, and communication with the vCenter Server Agent (vpxa) on managed ESX/ESXi hosts.

  • vpxd-profiler.log, profiler.log and scoreboard.log: Profiled metrics for operations performed in vCenter Server. Used by the VPX Operational Dashboard (VOD) accessible at https://VCHostnameOrIPAddress/vod/index.html.

  • vpxd-alert.log: Non-fatal information logged about the vpxd process.

  • cim-diag.log and vws.log: Common Information Model monitoring information, including communication between vCenter Server and managed hosts' CIM interface.

  • drmdump\: Actions proposed and taken by VMware Distributed Resource Scheduler (DRS), grouped by the DRS-enabled cluster managed by vCenter Server. These logs are compressed.

  • ls.log: Health reports for the Licensing Services extension, connectivity logs to vCenter Server.

  • vimtool.log: Dump of string used during the installation of vCenter Server with hashed information for DNS, username and output for JDBC creation.

  • stats.log: Provides information about the historical performance data collection from the ESXi/ESX hosts.

  • sms.log: Health reports for the Storage Monitoring Service extension, connectivity logs to vCenter Server, the vCenter Server database and the xDB for vCenter Inventory Service.

  • eam.log: Health reports for the ESX Agent Monitor extension, connectivity logs to vCenter Server.

  • catalina.<date>.log and localhost.<date>.log: Connectivity information and status of the VMware Webmanagement Services.

  • jointool.log: Health status of the VMwareVCMSDS service and individual ADAM database objects, internal tasks and events, and replication logs between linked-mode vCenter Servers.

  • Additional log files:
    • manager.<date>.log
    • host-manager.<date>.log
Note: As each log grows, it is rotated over a series of numbered component-nnn.log files. On some platforms, the rotated logs are compressed.
vCenter Server logs can be viewed from:
  • The vSphere Client connected to vCenter Server 4.0 and higher – Click Home > Administration > System Logs.
  • The Virtual Infrastructure Client connected to VirtualCenter Server 2.5 – Click Administration > System Logs.
  • From the vSphere 5.1 and 5.5 Web Client – Click Home > Log Browser, then from the Log Browser, click Select object now, choose an ESXi host or vCenter Server object, and click OK.

Saturday, January 10, 2015

Configuring Postfix as Mail Gateway

Configuring Postfix

Configure main.cf with the following values.
inet_interfaces = 1.1.1.1
mydestination =
myorigin = domain.com
local_recipient_maps =
local_transport = error:no local delivery

parent_domain_matches_subdomains = debug_peer_list smtpd_access_maps

# this file contains the list to relay for
relay_domains = domain1.com, domain2.com, domain3.com, domain4.com

# list of addresses/domains to accept mail for
relay_recipient_maps = cdb:/etc/postfix/relay_recipient_maps

# Seems OK
smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination

# Where to send mail for addresses/domains
transport_maps = cdb:/etc/postfix/transport_maps

# 
# virtual_alias_maps = cdb:/etc/postfix/virtual

Creating Relay Maps

Create the following values in the /etc/postfix.gate/relay_recipient_maps file. The file is simply a list of addresses or domain names; the lookup result is not used.
# mail for the first of the domains we accept for
info@domain1.com x
host@domain1.com x
root@domain1.com x
bill@domain1.com x

# Another Set of Users
info@domain2.com x
host@domain2.com x
root@domain2.com x
bill@domain2.com x

# Accept mail for anyone at domain3.com
@domain3.com x
    
# Accept All Mail Here
@domain4.com x

After editing, recreate the map with postmap -c /etc/postfix.gate/main.cf /etc/postfix.gate/relay_recipient_maps
This list can be cumbersome to maintain. Postfix supports LDAP or SQL lookups here, but their configuration is beyond the scope of this document.

Creating Transport Maps

The transport map sends all mail matching a [recipient] lookup key to the given transport/next-hop; see the section on table search order in man 5 transport.
# Mail to anyone at domain1.com is sent via SMTP to this host
domain1.com smtp:smtp.domain.com

# Also mail to *.domain1.com
.domain1.com smtp:[1.1.1.2]:25

# this user goes to a different host for delivery
root@domain1.com smtp:trap.domain.com:25

# Mail to anyone at domain2.com is sent via SMTP to this host
domain2.com smtp:[2.2.2.2]:25

# Mail to anyone at domain3.com is sent via SMTP to this host
domain3.com smtp:[3.3.3.3]:25

# Mail to anyone at domain4.com is sent via SMTP to this host
domain4.com smtp:[4.4.4.4]:25

# bounce these
example.com error:we do not mail to them
hotmail.com error:we do not mail to them
microsoft.com error:we do not mail to them
After editing, recreate the map with postmap -c /etc/postfix.gate/main.cf /etc/postfix.gate/transport_maps
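
A consistency check across relay_domains, relay_recipient_maps and transport_maps, to run on the map sources before postmap. This is an added example, not part of the original post: the function names and the sample data are constructed for illustration, and it assumes one entry per line with no continuation lines.

```python
def parse_map(text):
    """Return [(line_no, key, value)] from a Postfix lookup-table source."""
    entries = []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue  # blank line or comment
        value = parts[1].strip() if len(parts) > 1 else ""
        entries.append((n, parts[0].lower(), value))
    return entries

def lint_gateway(relay_domains, recipients_text, transport_text):
    """Report duplicate keys and relay domains that are unvalidated or unrouted."""
    findings = []
    recips, transports = parse_map(recipients_text), parse_map(transport_text)
    for name, entries in (("relay_recipient_maps", recips),
                          ("transport_maps", transports)):
        first_seen = {}
        for n, key, _ in entries:
            if key in first_seen:
                findings.append(f"{name}:{n}: duplicate key {key} "
                                f"(first at line {first_seen[key]})")
            first_seen.setdefault(key, n)
    recip_domains = {k.rpartition("@")[2] for _, k, _ in recips}
    catch_all = {k[1:] for _, k, _ in recips if k.startswith("@")}
    routed = {k for _, k, _ in transports}
    for d in relay_domains:
        if d not in recip_domains:
            findings.append(f"{d}: no relay_recipient_maps entry, every recipient is unknown")
        elif d in catch_all:
            findings.append(f"{d}: catch-all entry, recipients are not validated at the gateway")
        if d not in routed:
            findings.append(f"{d}: no transport_maps entry, next hop is left to relay_transport")
    return findings

# Constructed sample data (not the post's files); 192.0.2.0/24 is documentation space.
RELAY_DOMAINS = ["domain1.com", "domain2.com", "domain3.com"]
RECIPIENTS = """\
info@domain1.com x
root@domain1.com x
@domain3.com x
"""
TRANSPORT = """\
domain1.com smtp:[192.0.2.10]:25
domain3.com smtp:[192.0.2.30]:25
domain3.com smtp:[192.0.2.40]:25
"""
if __name__ == "__main__":
    print("\n".join(lint_gateway(RELAY_DOMAINS, RECIPIENTS, TRANSPORT)))
```

The catch-all finding matters on a gateway because mail accepted for a nonexistent mailbox is only refused later by the internal host, and the resulting bounce goes to a sender address that may be forged.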

Friday, January 2, 2015

Linux Kernel /etc/sysctl.conf Hardening

Securing your Linux server is important to protect your data, intellectual property, and time from the hands of crackers (hackers). The system administrator is responsible for securing the Linux box.

The /etc/sysctl.conf file is used to configure kernel parameters at runtime.
Linux reads and applies settings from /etc/sysctl.conf at boot time.

Sample /etc/sysctl.conf:
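# Turn on execshield (tunable exists only on Red Hat Exec Shield kernels)
kernel.exec-shield=1
# Randomize address space layout (1 = stack, mmap base and VDSO; 2 also randomizes the heap)
kernel.randomize_va_space=1
# Enable IP spoofing protection
net.ipv4.conf.all.rp_filter=1
# Disable IP source routing
net.ipv4.conf.all.accept_source_route=0
# Ignore ICMP echo requests sent to broadcast addresses
net.ipv4.icmp_echo_ignore_broadcasts=1
# Ignore bogus ICMP error responses
net.ipv4.icmp_ignore_bogus_error_responses=1
# Make sure spoofed packets get logged
net.ipv4.conf.all.log_martians = 1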
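
Because the file is only applied at boot (or when reloaded), it is worth checking that the running kernel actually holds these values. The audit below is an added example, not part of the original post: the function names are constructed for illustration, and it assumes dotted keys map directly onto paths under /proc/sys.

```python
import os

def parse_sysctl_conf(text):
    """Return {key: value} from sysctl.conf text ('#' and ';' start comments)."""
    wanted = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        wanted[key.strip()] = value.strip()
    return wanted

def audit(conf_text, proc_sys="/proc/sys"):
    """Compare each configured key with the value the running kernel reports.

    Returns {key: status}; status is 'ok', 'missing' (this kernel has no such
    tunable, or the key is misspelled) or 'drift: running=<value>'.
    """
    report = {}
    for key, want in parse_sysctl_conf(conf_text).items():
        path = os.path.join(proc_sys, *key.split("."))
        try:
            with open(path) as fh:
                have = fh.read().strip()
        except OSError:
            report[key] = "missing"
            continue
        # Compare token by token so multi-value tunables match regardless of spacing.
        same = have.split() == want.split()
        report[key] = "ok" if same else f"drift: running={have}"
    return report

# Sample settings modelled on the file above.
SAMPLE_CONF = """\
kernel.exec-shield=1
kernel.randomize_va_space=1
net.ipv4.conf.all.rp_filter=1
net.ipv4.conf.all.accept_source_route=0
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.conf.all.log_martians = 1
"""

if __name__ == "__main__":
    for key, status in audit(SAMPLE_CONF).items():
        print(f"{key:48} {status}")
```

A 'missing' result for kernel.exec-shield is expected on kernels without the Exec Shield patch; a 'drift' result means the setting was changed at runtime or was never loaded.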