Documente Academic
Documente Profesional
Documente Cultură
V100R002C00
04
Date
2013-08-30
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Website:
http://www.huawei.com
Email:
support@huawei.com
Issue 04 (2013-08-30)
Product Version
The following table lists the product versions involved in this document.
Product Name
Version
V100R002C00
Operating system
Database
Intended Audience
This document is intended for:
l
System engineers
Network operators
Issue 04 (2013-08-30)
ii
Change History
04 (2013-08-30)
This is the fourth commercial release for V100R002C00.
Compared with Issue 03 (2013-05-30), this issue includes the following changes.
Section
Change Description
iii
Section
Change Description
03 (2013-05-30)
This is the third commercial release for V100R002C00.
Compared with Issue 02 (2013-03-30), this issue includes the following changes.
Section
Change Description
02 (2013-03-30)
This is the second commercial release for V100R002C00.
Compared with Issue 01 (2013-01-30), this issue includes the following changes.
Section
Change Description
iv
Section
Change Description
01 (2013-01-30)
This is the first commercial release for V100R002C00.
Compared with Draft A (2012-11-20), this issue includes the following changes.
Section
Change Description
Added.
Section
Change Description
Deleted.
Entire document
Draft A (2012-11-20)
This is a draft for V100R002C00.
Organization
1 Powering On and Powering Off the Server
This chapter describes how to power on and power off M2 server when the HP DL580 server
acts as M2 server.
2 Configuring Time
This chapter describes how to configure the time zone, date, and time of the server.
3 Configuring Server Parameters
This chapter describes how to change the host name of the server, add or delete the server's
routes, and set the IP address of the M2 server.
4 Managing License
You have permission for the M2 only after obtaining a license. The license file controls the
resources and functions of the M2.
5 Setting M2 System Security
This chapter describes how to manage M2 system users and how to configure FTP transfer for
M2 server.
6 Monitoring the M2 System
This chapter describes how to monitor the M2 system. You can learn the status of the services,
processes, hard disks, and databases on the M2 system services, component information of the
M2 system services, and operation logs on the client through M2 system monitoring.
7 Managing Logs
This section describes how to manage the operation logs, system logs, and security logs of the
M2.
8 Managing Processes and Services
This chapter describes how to manage the system processes and services of M2, SAU, eSAU,
and Agent Server.
9 Managing Databases
Issue 04 (2013-08-30)
vi
This chapter describes how to manage the M2 databases. It also describes the procedures for
checking the database status of M2 and Agent Server.
10 Managing Files and Disks
This chapter describes how to manage the file system and disks of the server.
11 Backing Up and Restoring Data
This chapter describes how to back up and restore M2 system dynamic data.
12 Routine System Maintenance
This chapter describes the system routine maintenance which is a type of preventive
maintenance. Routine maintenance is classified into daily maintenance, weekly maintenance,
and monthly maintenance. Specified items and guidelines are provided and you can add or delete
the items as required.
13 FAQs
This section describes the common frequently asked questions (FAQs) about the M2 and the
corresponding solutions.
Conventions
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol
Description
Indicates a hazard with a high level or medium level of risk
which, if not avoided, could result in death or serious injury.
Indicates a hazard with a low level of risk which, if not
avoided, could result in minor or moderate injury.
Indicates a potentially hazardous situation that, if not
avoided, could result in equipment damage, data loss,
performance deterioration, or unanticipated results.
Indicates a tip that may help you solve a problem or save
time.
Provides additional information to emphasize or supplement
important points of the main text.
General Conventions
The general conventions that may be found in this document are defined as follows.
Issue 04 (2013-08-30)
vii
Convention
Description
Boldface
Italic
Courier New
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention
Description
Boldface
Italic
[]
{ x | y | ... }
[ x | y | ... ]
{ x | y | ... }*
[ x | y | ... ]*
GUI Conventions
The GUI conventions that may be found in this document are defined as follows.
Convention
Description
Boldface
>
Keyboard Operations
Issue 04 (2013-08-30)
viii
The keyboard operations that may be found in this document are defined as follows.
Format
Description
Key
Press the key. For example, press Enter and press Tab.
Key 1+Key 2
Key 1, Key 2
Mouse Operations
The mouse operations that may be found in this document are defined as follows.
Issue 04 (2013-08-30)
Action
Description
Click
Double-click
Drag
Press and hold the primary mouse button and move the
pointer to a certain position.
ix
Contents
Contents
About This Document.....................................................................................................................ii
1 Powering On and Powering Off the Server.............................................................................1
1.1 Powering On the Server (DL580)...................................................................................................................................2
1.2 Powering Off the Server (DL580)..................................................................................................................................2
2 Configuring Time..........................................................................................................................4
2.1 Changing the Time Zone of the Server..........................................................................................................................5
2.2 Changing the Date and Time of the Server....................................................................................................................6
2.3 Changing the Date, Time, and Time Zone of the Client................................................................................................7
2.4 Checking DST................................................................................................................................................................8
2.4.1 DST..............................................................................................................................................................................8
2.4.2 Querying the DST Rules of a Time Zone....................................................................................................................9
4 Managing License........................................................................................................................15
4.1 Viewing the Current License in the System.................................................................................................................16
4.2 Obtaining the ESN........................................................................................................................................................17
4.3 Updating the License....................................................................................................................................................17
Contents
7 Managing Logs.............................................................................................................................60
7.1 Log Types.....................................................................................................................................................................61
7.1.1 The M2 Operation Logs............................................................................................................................................61
7.1.2 The M2 System Logs.................................................................................................................................................62
7.1.3 The M2 Security Logs...............................................................................................................................................63
7.1.4 eSAU Service Logs...................................................................................................................................................64
7.1.5 SAU Service Logs.....................................................................................................................................................65
7.1.6 Agent Server Service Logs........................................................................................................................................65
7.2 Managing M2 Server Logs...........................................................................................................................................65
7.2.1 Checking the M2 Operation Logs.............................................................................................................................65
7.2.2 Collecting Statistics on the M2 Operation Logs........................................................................................................67
7.2.3 Checking the M2 System Logs..................................................................................................................................68
7.2.4 Collecting Statistics on the M2 System Logs............................................................................................................70
7.2.5 Checking the M2 Security Logs................................................................................................................................71
7.2.6 Collecting Statistics on the M2 Security Logs..........................................................................................................73
Issue 04 (2013-08-30)
xi
Contents
9 Managing Databases.................................................................................................................121
9.1 Managing Oracle Databases.......................................................................................................................................122
9.1.1 M2 System Databases..............................................................................................................................................122
Issue 04 (2013-08-30)
xii
Contents
xiii
Contents
13 FAQs...........................................................................................................................................173
13.1 How Do I Log In to the M2 Server in SSH Mode by Using PuTTY? ....................................................................174
13.2 How Do I Use FileZilla to Transfer Files?...............................................................................................................177
13.3 How Do I Start M2 System Services? (One-Click)..................................................................................................179
13.4 How Do I Stop M2 System Services? (One-Click)..................................................................................................180
13.5 How Do I Start M2 System Services?......................................................................................................................181
13.6 How Do I Stop M2 System Services?......................................................................................................................183
Issue 04 (2013-08-30)
xiv
Issue 04 (2013-08-30)
Procedure
Step 1 Power on the keyboard, video, and mouse (KVM) connected to the server.
The KVM is an operation and maintenance console that is used to control multiple PCs and
servers through a keyboard, a monitor, and a mouse.
Step 2 Turn on the power switch of the server to start it, as shown in Figure 1-1.
Figure 1-1 Power switch of the DL580 server
Step 3 After the server is started, check the status of database services by referring to 9.1.2 Checking
Oracle Database Running Status and check the status of M2 services by referring to 8.1.2
Checking M2 Server Service Status.
Start the corresponding services by referring to 8.1.3 Starting M2 Server Services, 8.1.7
Starting SAU Services, 8.1.11 Starting eSAU Services, 8.2.3 Starting the Agent Server
Service, 9.1.3 Staring Oracle, and 9.2.3 Starting GaussDB if database services and M2
services are not started.
----End
Context
Before powering off the server, you need to stop the M2 services and then stop the database
software.
Issue 04 (2013-08-30)
Procedure
Step 1 Stop M2 system services.
You can check whether the M2 one-click installation packge
M2V100R002C00SPC400OneKeyInstall_pkg.tar or one-click script svc_stop.sh is available
in the /export/home/m2install directory by running ls /export/home/m2install.
l Stop M2 system services by referring to 13.4 How Do I Stop M2 System Services? (OneClick) if at least one of the above is available.
l Stop M2 system services by referring to 13.6 How Do I Stop M2 System Services? if neither
of them is available.
Step 2 Stop Oracle services. For detailed operations, see 9.1.4 Stopping Oracle.
Step 3 Log in to the server as user root, and then run the following commands to power off the server:
# sync; sync; sync; sync; sync; sync
# shutdown -h now
Step 4 Turn off the power switches of other devices and the cabinet as required.
----End
Issue 04 (2013-08-30)
2 Configuring Time
Configuring Time
Issue 04 (2013-08-30)
2 Configuring Time
Context
l
If you need to change both the time zone and the time, you must first change the time zone.
This section describes how to modify the time zone of the M2 server based on the actual
requirements. Changing the time zone of the server results in the reset or invalidation of
all timers that depend on the operating system. Therefore, you need to stop the M2 and
Oracle services so that the reset or invalidation of timers does not result in function failure
and data error.
Procedure
Step 1 Log in to the server as user root, and then run the following command in the command terminal
window to query the time zone of the server.
# grep TIMEZONE /etc/sysconfig/clock
If ...
Then ...
Perform Step 2.
2 Configuring Time
Step 6 According to the description in Time Zone and Clock Settings, change the values of Region
and Time Zone to the actual values.
Step 7 Click Accept.
Step 8 Start Oracle services. For detailed operations, see 9.1.3 Staring Oracle.
Step 9 Start M2 system services.
You can check whether the M2 one-click installation packge
M2V100R002C00SPC400OneKeyInstall_pkg.tar or one-click script svc_start.sh is
available in the /export/home/m2install directory by running ls /export/home/m2install.
l Start M2 system services by referring to 13.3 How Do I Start M2 System Services? (OneClick) if at least one of the above is available.
l Start M2 system services by referring to 13.5 How Do I Start M2 System Services? if
neither of them is available.
----End
Context
l
If you need to change both the time zone and the time, you must first change the time zone.
This section describes how to modify the time zone of the M2 server based on the actual
requirements. Changing the time zone of the server results in the reset or invalidation of
all timers that depend on the operating system. Therefore, you need to stop the M2 and
Oracle services so that the reset or invalidation of timers does not result in function failure
and data error.
You must ensure that the time of the server is within the validity period of the server
software license so that all services can be normally started.
Procedure
Step 1 Log in to the server as user root, and then run the following command in the command terminal
window to query the date and time of the server:
# date
If ...
Then ...
End.
Perform Step 2.
Issue 04 (2013-08-30)
2 Configuring Time
Wherein:
l mm indicates month.
l dd indicates date.
l HH indicates hour.
l MM indicates minute.
l YYYY indicates year.
l SS indicates second.
Step 5 Run the date command again to query the date and time of the server. If the query results show
that the date and time of the server is incorrect, perform Step 4 again to change the date and
time.
Step 6 Start Oracle services. For detailed operations, see 9.1.3 Staring Oracle.
Step 7 Start M2 system services.
You can check whether the M2 one-click installation packge
M2V100R002C00SPC400OneKeyInstall_pkg.tar or one-click script svc_start.sh is
available in the /export/home/m2install directory by running ls /export/home/m2install.
l Start M2 system services by referring to 13.3 How Do I Start M2 System Services? (OneClick) if at least one of the above is available.
l Start M2 system services by referring to 13.5 How Do I Start M2 System Services? if
neither of them is available.
----End
2.3 Changing the Date, Time, and Time Zone of the Client
This section describes how to change the date, time, and time zone of the M2 client that is based
on the Windows operating system. You can change the date, time, and time zone of the M2 client
by changing the date, time, and time zone of the Windows operating system.
Issue 04 (2013-08-30)
2 Configuring Time
Context
This section describes how to change the date, time and time zone of the Windows XP operating
system.
Procedure
Step 1 Open the Control Panel window, and then double-click Date and Time.
Step 2 In the Date and Time Properties dialog box, change the date, time and time zone of the client
by referring to Table 2-1.
Table 2-1 Changing date and time
Item
Operation
Time
Click the Date & Time tab, and then set hour, minute, or second in the
Time area.
Date
Click the Date & Time tab, and then set date in the Date area.
Time zone
Click the Time Zone tab. Then, select the local time zone from the dropdown list.
2.4.1 DST
This section describes Daylight Saving Time (DST) and the impact DST has on the M2.
Concept
DST is short for Daylight Saving Time and is one hour earlier than the standard time. For
example, in eastern United States, ten o'clock in the morning in the standard time system is
eleven o'clock in the morning in the DST system.
The local time of the operating system is automatically increased by one hour when DST
is applied. DST does not affect the system clock. Therefore, the M2 timer is not affected
after DST is applied. The logs and traces of the M2, however, uses the local time. As a
result, one hour of logs and traces are missing.
In normal cases, the local time of the operating system automatically decreases by one hour
when DST is disabled in the M2. This does not affect the storage and switchover of time
because DST does not affect the system clock. The files generated on the modules of the
Issue 04 (2013-08-30)
2 Configuring Time
M2 are named by time stamps. When DST is terminated, the files generated later may cover
the existing files.
Context
The SUSE Linux operating system supports two time zone formats: Greenwich Mean Time
(GMT) and time zone name. GMT support time difference but does not support DST. The time
zone name specifies the time difference and DST rules. For the countries or regions that do not
use DST, you are advised to use the GMT format. For the countries or regions that use DST,
you must use the time zone name format.
Procedure
Step 1 Log in to the server as user root.
Step 2 Run the following command to query the DST rules of a time zone in a specific year:
# zdump -v Time zone | grep Specified year
l if DST rules exist, they are displayed as four lines in the command result; if no DST rule
exists, DST is not used.
l The format of the command result is as follows:
Time zone name UTC = Local time/DST isdst=0/1
l The UTC is the same as the GMT.
l isdst=0 indicates that DST is not applied, and isdst=1 indicates that DST is applied.
NOTE
l If you do not specify the year in | grep , the command result shows the DST rules of the time zone in all
years.
l In a particular time zone, DST may start or end on a fixed date. Alternatively, DST may start or end on a
day of week XX of month XX every year. That is, DST starts or ends on a fixed week but not on a fixed
date. For example, at Alaska in the United States, DST starts on the Sunday of the second week of March
every year and ends on the Sunday of the first week of November every year.
l You can run the zdump command to view the DST of the time zone in the last year, current year, and next
year and then deduce the universal DST jumping rule according to the command results.
----End
Example
l
Run the following command to query the DST rules in the Asia/Beijing time zone in 2007:
# zdump -v Asia/Beijing|grep 2007
No information is displayed.
The preceding information indicates that no DST rule exists for the PRC time zone in 2007.
Issue 04 (2013-08-30)
2 Configuring Time
Run the following command to query the DST rules in the US/Alaska time zone in 2007:
# zdump -v US/Alaska|grep 2007
The following or similar information is displayed:
US/Alaska
isdst=0
US/Alaska
isdst=1
US/Alaska
isdst=1
US/Alaska
Sun Mar 11 10:59:59 2007 UTC = Sun Mar 11 01:59:59 2007 AKST
Sun Mar 11 11:00:00 2007 UTC = Sun Mar 11 03:00:00 2007 AKDT
Sun Nov
Sun Nov
The first and second lines of the command result indicate that the time changes from
Mar 11 02:00:00 2007 to Mar 11 03:00:00 2007 and DST starts.
The third and fourth lines of the command result indicate that the time changes from
Nov 4 02:00:00 2007 to Nov 4 01:00:00 and DST ends.
Issue 04 (2013-08-30)
10
Issue 04 (2013-08-30)
11
Procedure
Step 1 Stop M2 system services.
You can check whether the M2 one-click installation packge
M2V100R002C00SPC400OneKeyInstall_pkg.tar or one-click script svc_stop.sh is available
in the /export/home/m2install directory by running ls /export/home/m2install.
l Stop M2 system services by referring to 13.4 How Do I Stop M2 System Services? (OneClick) if at least one of the above is available.
l Stop M2 system services by referring to 13.6 How Do I Stop M2 System Services? if neither
of them is available.
Step 2 Stop Oracle services. For detailed operations, see 9.1.4 Stopping Oracle.
Step 3 Log in to the server as user root and run the following commands.
# . /opt/Nastar/svc_profile.sh
# cd /opt/Nastar/tools/tools_ip
# ./ChangeIP.sh
Step 4 When the system displays the following information, set the host name, private IP address, subnet
mask, and gateway of the server as required:
**********************************************************
*
*
*
Configure System Parameters for PC server
*
*
*
**********************************************************
Please input host name [Default:nassvr,Q:quit]:
Please input IP address [Default:10.141.132.232,Q:quit]:
Please input net masks [Default:255.255.255.0,Q:quit]:
Please input default route [Default:10.141.132.1,Q:quit]:
Step 5 When the system displays the following information, type Y and press Enter:
Are you sure to continue?[Y/N]
When the system displays the following information, the private IP address of the server is
changed successfully:
CfgOracleFile.......Success
ChgProductIP........Success
ChgEsauCFG........Success
DeleteLoadCFG.......Success
Change IP is completed
Please reboot machine
Step 6 Run the following commands to change the private IP address of the server recorded in the
eSAU configuration file:
# cd /opt/esau/script/modifyesau
Issue 04 (2013-08-30)
12
# sh modifyLocalIP.sh /opt/esau Old private IP address of the server new private IP address
of the server
Step 7 Run the following commands to change the private IP address of the server recorded in the
SAU configuration file:
# cd /opt/PSSAU/script/modify
# sh modifyLocalIP.sh /opt/PSSAU Old private IP address of the server new private IP
address of the server
Step 8 Run the following commands to change the public IP address of Agent Server:
NOTE
You are advised not to change the public IP address. Changing the IP address will affect the deployed M2
Agent that accesses Agent Server using the old IP address.
# cd /opt/Nastar/tomcat/script/modify
# sh modifyLocalIP.sh New public IP address of the server
Step 9 Run the following commands to restart the server:
# sync; sync; sync; sync; sync; sync
# shutdown -r now
Step 10 Perform the following substeps 10 minutes after the server is started to check that M2 system
services are running.
1.
Check that M2 services are running. For detailed operations, see 12.2.10 Checking M2
Service Status.
Restart M2 services if M2 services are not running. For detailed operations, see 8.1.4
Stopping M2 Server Services and 8.1.3 Starting M2 Server Services.
2.
Check that eSAU services are running. For detailed operations, see 12.2.12 Checking
eSAU Service Status.
Restart eSAU services if eSAU services are not running. For detailed operations, see 8.1.12
Stopping eSAU Services and 8.1.11 Starting eSAU Services.
3.
Check that SAU services are running. For detailed operations, see 12.2.11 Checking SAU
Service Status.
Restart SAU services if SAU services are not running. For detailed operations, see 8.1.8
Stopping SAU Services and 8.1.7 Starting SAU Services.
4.
Check that GaussDB services are running. For detailed operations, see 12.2.15 Checking
GaussDB Database Status.
Restart GaussDB services if GaussDB services are not running. For detailed operations,
see 9.2.4 Stopping GaussDB and 9.2.3 Starting GaussDB.
5.
Check that Agent Server services are running. For detailed operations, see 12.2.13
Checking Agent Server Service Status.
Restart Agent Server services if Agent Server services are not running. For detailed
operations, see 8.2.4 Stopping the Agent Server Service and 8.2.3 Starting the Agent
Server Service.
----End
Issue 04 (2013-08-30)
13
Follow-up Procedure
You must change the IP address of the server where you want to log in when you log in to the
M2 client again.
Prerequisites
You have logged in to the server as user root.
Procedure
l
Command
Example
Viewing a
route
# netstat -r
Adding a
route
# route [-v] [-A family] add [-net|host] target [netmask Nm] [gw Gw]
[metric N] [mss M] [window W] [irtt
I] [reject] [mod] [dyn] [reinstate]
[[dev] If]
Deleting a
route
# route [-v] [-A family] del [-net|host] target [gw Gw] [netmask Nm]
[metric N] [[dev] If]
Automaticall
y adding a
route for the
server each
time the
server is
restarted
l # vi /etc/init.d/boot.route
Issue 04 (2013-08-30)
14
4 Managing License
Managing License
Issue 04 (2013-08-30)
15
4 Managing License
Prerequisites
l
Context
Table 4-1 describes the detailed information of the license.
Table 4-1 License information
Item
Attribute
Description
Example
Resource
Control
Product
Resource
M2 Agent License(Pro)
Capacity
1000
Consumption
200
Overflow Time
2012-12-31
Product
Function
Support or Not
support
Function
Control
Procedure
Step 1 In the main menu, choose Help > License Management > License Information.
Step 2 On the Resource Control Item and Function Control Item tab pages of the License
Information dialog box, check the resource and function control information of the license.
----End
Issue 04 (2013-08-30)
16
4 Managing License
Prerequisites
You have successfully installed the operating system of M2 server.
Context
The ESN is necessary for you to prepare the license file, and therefore you must obtain the ESN
in advance.
Procedure
Step 1 Log in to the server as user root.
Step 2 Run the following command to check the ESN information.
# ifconfig
Information similar to the following is displayed:
eth0
Link encap:Ethernet
HWaddr 00:0C:29:A3:95:1C
Prerequisites
l
Issue 04 (2013-08-30)
17
4 Managing License
Context
The services provided with M2 are license-controlled. You need to update the license on the
client to use the corresponding resources or functions.
Procedure
Step 1 In the main menu, choose Help > License Management > License Information.
Step 2 In the displayed License Information dialog box, click the Function Control Item tab.
Step 3 Click Update License.
Step 4 Select the license file.
Step 5 Click Open.
Step 6 In the displayed License Comparison Result window, click OK.
Step 7 Click Close.
Step 8 Log in to the M2 client again for the license to take effect.
Step 9 Assign M2 Agent licenses. For detailed operations, see Operation and Maintenance > GENEX
Mobile Manager Operator Guide > Preparing for M2 Agent Analysis > Managing M2
Agent Licenses > Assigning M2 Agent Licenses in GENEX Mobile Manager Product
Documentation.
----End
Issue 04 (2013-08-30)
18
Issue 04 (2013-08-30)
19
Issue 04 (2013-08-30)
User
Name
Function
Initial
Passwor
d
Rights
User
Group
Shel
l
Res
oluti
on
Prog
ram
Di
rec
tor
y
root
Changem
e_123
other, bin,
sys, adm,
uucp, mail,
tty, lp,
nuucp,
daemon,
and
user.root
/
sbin/
sh
/
roo
t
User root is
authorized to
install and uninstall
the M2 system
server applications
and to start and
stop the M2 system
services.
20
User
Name
Function
Initial
Passwor
d
Rights
User
Group
Shel
l
Res
oluti
on
Prog
ram
Di
rec
tor
y
oracle
As the administrator
of the database
software, user
oracle is responsible
for the operation
and maintenance of
the database
software.
Changem
e_123
User oracle is
authorized to
perform all
operations on the
database.
dba,
oinstall,
and
omcuser
/bin/
bash
/
opt
/
ora
cle
Changem
e_123
User omcuser is
authorized to
perform routine
operation and
maintenance and
access the
database.
root, sys,
omcsysm,
dba,
oinstall,
and disk
/bin/
bash
/
ex
por
t/
ho
me
/
om
c
Normally, during
the installation of
the Oracle, user
oracle is
automatically
created in the M2
system and you
need not create user
oracle manually.
omcus
er
As the operator of
the M2 system, user
omcuser is
responsible for
operating and
maintaining the M2
system, such as
querying system
status, backing up
and restoring the
system.
Normally, during
the installation of
the SUSE Linux
operating system,
user omcuser is
automatically
created in the
system, and you
need not create user
omcuser manually.
Issue 04 (2013-08-30)
User omcuser
cannot install and
uninstall the M2
system server
applications.
21
User
Name
Function
Initial
Passwor
d
Rights
User
Group
Shel
l
Res
oluti
on
Prog
ram
Di
rec
tor
y
ftpuser
User ftpuser is
responsible for data
collection.
Changem
e_123
User ftpuser is
authorized to
transmit data.
dialout,
video, and
omcuser
/bin/
bash
/
ex
por
t/
ho
me
/
sys
m
Normally, during
the installation of
the SUSE Linux
operating system,
user ftpuser is
automatically
created in the
system, and thus
you need not create
user ftpuser
manually.
Prerequisites
l
Context
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
Issue 04 (2013-08-30)
22
Procedure
Step 1 Log in to the server as user root, and then type the old password of user root.
Step 2 Run the following command to change the password of user root:
# passwd root
New Password:new password
Reenter New Password:new password
If Password changed or Changed successfully is displayed, the password is
changed successfully.
----End
Prerequisites
l
Context
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
Procedure
Step 1 Log in to the server as user root, and then run the following commands to change the password
of user omcuser.
# passwd omcuser
New Password:new password
Reenter New Password:new password
If Password changed or Changed successfully is displayed, the password is
changed successfully.
----End
Issue 04 (2013-08-30)
23
Prerequisites
l
Context
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
Procedure
Step 1 Run the following commands to stop M2 services:
1.
Check that the M2 services are running properly. For detailed operations, see 8.1.2
Checking M2 Server Service Status.
2.
Stop M2 services. For detailed operations, see 8.1.4 Stopping M2 Server Services.
NOTE
Currently, the M2 Server are co-deployed with the Agent Server. The Tomcat server provided with M2
services is used in Agent Server services. The Agent Server services are stopped when the M2 services are
stopped.
Check that the eSAU services are running properly. For detailed operations, see 8.1.10
Checking eSAU Service Status.
2.
Stop eSAU services. For detailed operations, see 8.1.12 Stopping eSAU Services.
Check that the SAU services are running properly. For detailed operations, see 8.1.6
Checking SAU Service Status.
2.
Stop SAU services. For detailed operations, see 8.1.8 Stopping SAU Services.
Step 4 Log in to the server as user root, and run the following command to change the password of
user ftpuser:
# passwd ftpuser
New password: New password
Issue 04 (2013-08-30)
24
Step 8 Start eSAU services. For detailed operations, see 8.1.11 Starting eSAU Services.
Step 9 Start SAU services. For detailed operations, see 8.1.7 Starting SAU Services.
----End
Prerequisites
l
Issue 04 (2013-08-30)
25
Context
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
Procedure
Step 1 Log in to the server as user root, and then run the following commands to change the password
of user oracle.
# passwd oracle
New Password:new password
Reenter New Password:new password
If Password changed or Changed successfully is displayed, the password is
changed successfully.
----End
Context
l
This section describes how to create user test1. User test1 with user ID 123 belongs to the
staff user group. The main directory /home1 is automatically created. The template files
are saved in the /etc/skel directory. This user account adopts the B shell program.
Procedure
Step 1 Log in to the server as user root, and then run the following command to create user test1.
# useradd -d /home1 -g staff -m -k /etc/skel -u 123 -s /bin/bash test1
Issue 04 (2013-08-30)
26
NOTE
l -d /home1: indicates that the main directory is home1. Change /home1 to the actual main directory
when you create other users.
l -g staff: indicates that the user belongs to the staff group. Change staff to the actual group when you
create other users.
l -m: indicates that the system creates this directory automatically if the main directory does not exist.
l -k /etc/skel: copies the template files in a specified directory to the main directory. Common template
files include .profile and .cshrc files. If the main directory already exists, ensure that the user who
create the main directory and the users that are in the same user group as the user who create the main
directory have the read, write, and operation permissions of the directory.
l -u 123: indicates that the user ID is 123. One user has a unique ID. Replace the ID with the actual user
ID when you create other users.
l -s /bin/bash: indicates that the user uses B Shell. Change B Shell to the actual shell.
Step 2 Run the following command to set the password for the new user account:
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l The password contains at least one uppercase letter.
l The password contains at least one lowercase letter.
l The password contains at least one digit.
l The password contains at least one special character.
l The password does not contain the user name.
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
# passwd test1
New Password:new password
Reenter New Password:new password
If Password changed or Changed successfully is displayed, the password is
changed successfully.
----End
Procedure
Step 1 Log in to the server as user root, and then run the following command to delete SUSE Linux
users:
# userdel -r User name
After the previous command is executed, run the following command. If su: user name
of the deleted user does not exist is displayed, deleting the user account
succeeds.
Issue 04 (2013-08-30)
27
CAUTION
You cannot delete a login user by running the userdel command.
----End
Issue 04 (2013-08-30)
User
Name
Function
Initial
Passwor
d
Rights
User
Group
Shell
Resol
ution
Progr
am
Di
rec
tor
y
root
Change
me_123
other,
bin, sys,
adm,
uucp,
mail,
tty, lp,
nuucp,
daemon
,
user.roo
t
/sbin/
sh
/
roo
t
User root is
authorized to install
and uninstall the
M2 system server
applications and to
start and stop the
M2 system
services.
28
User
Name
Function
Initial
Passwor
d
Rights
User
Group
Shell
Resol
ution
Progr
am
Di
rec
tor
y
omcus
er
Change
me_123
User omcuser is
authorized to
perform routine
operation and
maintenance and
access the
database.
root,
sys,
omcsys
m, dba,
oinstall,
disk
/bin/
bash
/
ex
por
t/
ho
me
/
om
c
As an operating
omcsys
system user, this
m
user is authorized
to start, access, and
perform the routine
operation and
maintenance on the
GaussDB database.
/bin/
bash
/
ho
me
/
ga
uss
db
a
User omcuser
cannot install and
uninstall the M2
system server
applications.
GaussDB
administrator account
of the Agent Server
database software.
User gaussdba is
responsible for the
routine operation and
maintenance of the
GaussDB database
software.
Users set
the
password
as
required
when
installing
the server
software.
Normally user
gaussdba is
automatically created
in the system when
the GaussDB is
installed, and
therefore you do not
need to create
gaussdba manually.
29
Prerequisites
l
Context
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
Procedure
Step 1 Log in to the server as user root, and then run the following commands to change the password
of user gaussdba.
# passwd gaussdba
New Password:new password
Reenter New Password:new password
If Password changed or Changed successfully is displayed, the password is
changed successfully.
----End
30
Initial Password
User Description
SYS
Changeme_123
SYSTEM
Changeme_123
SYSMAN
sysman
WMSYS
wmsys
MGMT_VIE
W
mgmt_view
ORACLE_D
CM
oracle_dcm
TSMSYS
tsmsys
DBSNMP
dbsnmp
OUTLN
outln
DIP
dip
ALARMDB
Changeme_123
IMAPEAMD
B
Changeme_123
IMAPLOGD
B
Changeme_123
IMAPSMDB
Changeme_123
IMAPTEMP
DB
Changeme_123
IMAPTMDB
Changeme_123
IMAP_DB
Changeme_123
naspa
Changeme_123
Issue 04 (2013-08-30)
31
Prerequisites
l
Context
CAUTION
You cannot change the password of a single database user. This function changes the password
of the Oracle administrator and the passwords of the table space users of the databases in the
M2.
A user password of the Oracle database can contain only Arabic numerals, case-insensitive
letters, and _. The valid password length contains 8 to 30 characters. To improve password
security, the password must:
l
The password must also meet the requirements for the Oracle database. For details about the
password policies of the Oracle database, see the DVD-ROM delivered with the Oracle database.
Procedure
Step 1 Stop the eSAU services.
1.
2.
3.
Run the following command to check whether the eSAU services are stopped:
~> esau_ps
l If the information similar to the following is displayed, eSAU service processes are
stopped. Perform Step 2.1.
Monitor............................not running
eSAU...............................not running
SysMonitor.........................not running
[All Services: 3 ] [Running: 0 ] [Not Running: 3 ]
Issue 04 (2013-08-30)
32
2.
3.
Run the following command to check whether the M2 services are stopped:
~> svc_ps
l If no command output is displayed, the M2 services have been stopped. Go to Step
2.5.
l If there is any command output, the M2 services do not stop. Go to Step 2.4.
4.
5.
6.
Run the following command to check whether the M2 daemon process is stopped:
~> daem_ps
If no command output is displayed, the M2 daemon process has been stopped. Go to Step
2.8.
If there is any command output, the M2 service does not stop. Go to Step 2.7.
7.
8.
Run the following command to check whether the TAO process is stopped:
~> ps ef|grep 9999|grep v grep
If no command output is displayed, the TAO process has been stopped. Go to Step 3.1.
If there is any command output, the TAO process does not stop. Go to Step 2.9.
9.
Run the following command to switch to the directory where the script is stored:
~> cd /opt/Nastar/tools/config
2.
Run the following command to modify the script of changing passwords for Oracle database
users:
~> ./modify.sh
------------------------------------------------------------------
Issue 04 (2013-08-30)
33
3.
4.
5.
6.
2.
----End
Issue 04 (2013-08-30)
34
Initial Password
User Description
gaussdba
mmagents
Prerequisites
l
Context
NOTE
The password can contain 8 to 30 characters, including digits 0 to 9, lowercase letters a to z, uppercase
letters A to Z, and special characters @%-=_.]{}. To improve password security, you are advised to use
the following password policies:
l
The password must also meet the requirements of the operating system. For details about the password
policies of the operating system, see the DVD-ROM delivered with the operating system.
Procedure
Step 1 Stop the Tomcat service.
Issue 04 (2013-08-30)
35
1.
2.
If the displayed information is consistent with the preceding information, Tomcat services
are stopped.
Step 2 Change the password of the GaussDB database user.
1.
2.
Run the following commands to change the password for logging in to the GaussDB
database.
~> cd /opt/Nastar
~> . ./svc_profile.sh
~> cd /opt/Nastar/tomcat/script/modify
~> . GaussDB_Password.sh
Information similar to the following is displayed:
Please enter the password for gaussdba:
Please enter the old password for the role mmagents:
New Password:
Reenter New Password:
Type the password of the operating system user gaussdba, and the old and new passwords
of user mmagents as prompted.
----End
Prerequisites
You have obtained the account and password of the M2 system administrator.
Procedure
l
For details about how to manage M2 users, see the section Operation and Maintenance
> Security Management > Configuration and Management of User Securityin the
GENEX Mobile Manager Product Documentation.
----End
Issue 04 (2013-08-30)
36
Prerequisites
You have obtained the account and password of the Agent Server administrator.
Procedure
l
For details about how to manage Agent Server users, see the section Operation and
Maintenance > Security Management > Configuration and Management of User
Securityin the GENEX Mobile Manager Product Documentation.
----End
Prerequisites
l
You have obtained the IP address of the existing remote management port.
You have obtained the old password of user Administrator for the remote management
port.
You have planned the new password of user Administrator for the remote management
port.
Context
CAUTION
The password of user Administrator for the remote management port must adhere to the
following rules:
l
The password does not contain the user name. It contains 8 to 30 characters, including digits
0 through 9, lowercase letters a through z, uppercase letters A through Z, and the following
special characters: @ % - = _ . ] {}.
Issue 04 (2013-08-30)
37
Procedure
Step 1 Enter https://IP address of the remote management port in the address box of the web browser,
and press Enter. The page for logging into the remote management port is displayed.
TIP
Step 2 Enter the name and password of user Administrator, and click Log In. The management
window at the remote management port is displayed.
Step 3 In the navigation tree, choose Administration > User Administration
Step 4 In the User Administration area, select Administrator in the Local Users list.
Step 5 Click Edit.
Step 6 In User Name and Login Name, enter Administrator. In Password and Password Confirm,
enter the new password of user Administrator.
Step 7 Click Update User to validate the new password of user Administrator.
Step 8 Click Sign Out to exit the remote management port.
----End
Basic Concepts
The FTP client and the FTP server communicate with each other on the basis of security protocols
to ensure data confidentiality and integrity. Security protocols consist of Secure Shell (SSH),
SSH File Transfer Protocol (SFTP), Security Socket Layer (SSL), and FTP Over SSL (FTPS),
as described in Table 5-5.
Table 5-5 Basic Concepts
Issue 04 (2013-08-30)
Concept
Description
SSH
The SSH protocol is usually used to replace the Telnet protocol that is
traditional and insecure. It supports the setup of an encrypted tunnel between
the SSH client and the SSH server. After setting up a TCP connection, the client
and server can transmit data through the encrypted tunnel.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
38
Concept
Description
SFTP
As a secure FTP protocol developed from the SSH protocol, the SFTP protocol
is used to transfer files in encryption mode.
SSL
The SSL protocol is used to protect all application protocols based on the TCP
or other transfer protocols.
The SSL protocol is mainly used to identify communication entities and
provides a secure channel for data confidentiality and integrity. The SSL
protocol meets the following basic security requirements: data confidentiality,
data integrity, and entity identification.
FTPS
As a secure FTP protocol developed from the SSL protocol, the FTPS protocol
is used to encrypt data during FTP login connection and data transmission.
Issue 04 (2013-08-30)
39
Issue 04 (2013-08-30)
40
Context
l
The parameter Server status refresh interval indicates the sampling interval. That is, the
CPU and memory usage is sampled at the specified interval.
CPU overload indicates that the CPU usage is larger than the threshold for alarm generation.
If the CPU usage sampled each time is larger than the threshold for alarm generation, it
means that the CPU is continuously overloaded. In this case, the number of continuous
CPU overload times is equal to that of continuous sampling times.
Procedure
Step 1 Choose System > System Monitor > Settings from the main menu.
Step 2 In the System Monitor Settings dialog box, click the Server Monitor tab.
Step 3 Set the parameters.
Step 4 Click OK.
----End
Result
l
When the number of sampling times with overloading reaches the specified value, a high
CPU usage alarm is generated. If the CPU usage sampled at a time is smaller than the
threshold for alarm clearance, the high CPU usage alarm is cleared.
When the memory usage is larger than the threshold for alarm generation, a high memory
usage alarm is generated. When the memory usage is smaller than the threshold for alarm
clearance, the high memory usage alarm is cleared.
When a high usage alarm is generated, the round icon in the CPU Usage or Memory
Usage column turns red on the Server Monitor tab page in the System Monitor
Browser window. If you enable the function of displaying pop-up messages, you can
receive performance exception messages on the status bar of the client.
Issue 04 (2013-08-30)
41
6.1.2 Setting the Parameters for Monitoring the Disk Usage of the
M2 Server
You can set the disk monitoring parameters to monitor the disk usage of the M2 server. This
helps you to find and handle insufficiency of the disk space in time, thereby preventing service
exceptions. When the disk usage reaches the specified threshold, the M2 client receives a high
disk usage alarm. You can also determine whether to display pop-up messages on the client.
After you enable this function, the M2 client displays a pop-up message, prompting you of a
disk exception.
Procedure
Step 1 Choose System > System Monitor > Settings from the main menu.
Step 2 In the System Monitor Settings dialog box, click the Hard Disk Monitor tab.
Step 3 On the Hard Disk Monitor tab page, set Hard disk status refresh interval and the thresholds
for alarm generation and clearance.
To set the thresholds, specify default values shared by all disks under Default value setting.
Then, you can specify other values in Advanced settings for a specific disk. The detailed
procedure is as follows:
1.
Click + before Default value setting, and then set the thresholds for generating and clearing
alarms of different severities. The threshold specified for generating alarms of a low
severity must be smaller than that for generating alarms of a high severity.
2.
Expand Advanced settings, and then click + before the server name. You can view that
all disks use the default thresholds. To specify other values for a disk, click + before the
disk name, and then click the cell after the name. In the drop-down list, select Customize
value. In the text box, enter the thresholds for generating and clearing alarms of different
severities. If you do not want to receive alarms of a disk, select Disable alarm
generation.
Step 4 Optional: Expand Advanced setting until the disk name is displayed. In the Enable Bubble
column, select Enable or Disable.
Step 5 After the setting, click OK.
----End
Result
l
When the hard disk space usage reaches the threshold set for generating alarms of a certain
severity, a corresponding alarm is generated. When the usage reaches the preset threshold
for a higher severity, an alarm of the higher severity is generated and the existing alarm is
automatically cleared. When the usage is lower than a threshold for clearing alarms of a
severity, the alarm of this severity is cleared.
When a high disk usage alarm is generated, the round icon in the Status column turns red
on the Hard Disk Monitor tab page in the System Monitor Browser window. If you
enable the function of displaying pop-up messages, the message The hard disk partition
is abnormal is displayed on the status bar of the client.
Issue 04 (2013-08-30)
42
6.1.3 Setting the Parameters for Monitoring the Service Status of the
M2 Server
You can set the interval of refreshing the service status and determine whether to display popup messages. If you enable the function of displaying pop-up messages, the M2 prompts service
changes and refreshes the service status at the specified refresh interval.
Procedure
Step 1 Choose System > System Monitor > Settings from the main menu.
Step 2 In the System Monitor Settings dialog box, click the Service Monitor tab.
Step 3 On the Service Monitor tab page, set Service status refresh interval and determine whether
to display pop-up messages.
Step 4 Click OK.
----End
Result
l
On the Service Monitor tab page in the System Monitor Browser window, information
is refreshed at the specified interval.
When the tooltip function of some services is enabled, a status indicator is displayed on the
status bar in the lower-right corner of the GUI. When all the services for which the tooltip
function is enabled are running, the status indicator is displayed green. When one or
multiple such services are stopped, the status indicator is displayed red and a pop-up
message is displayed.
Procedure
Step 1 Choose System > System Monitor > Settings from the main menu.
Step 2 In the System Monitor Settings dialog box, click the Database Monitor tab.
Step 3 On the Database Monitor tab page, set Database status refresh interval and the thresholds
for alarm generation.
To set the thresholds, specify default values shared by all databases under Default value
setting. Then, you can specify other values in Advanced settings for a specific database. The
detailed procedure is as follows:
Issue 04 (2013-08-30)
43
1.
Click + before Default value setting, and then set the thresholds for generating alarms of
different severities. The threshold specified for generating alarms of a low severity must
be smaller than that for generating alarms of a high severity.
2.
Expand Advanced settings, and then click + before the server name and database instance
name. You can view that all databases use the default thresholds. To specify other values
for a database, click + before the database name, and then click the cell after the name. In
the drop-down list, select Customize value. In the text box, enter the thresholds for
generating alarms of different severities. If you do not want to monitor the usage of a
database, select Disabled Monitoring.
Result
l
When the database usage of the M2 server reaches the threshold for alarm generation, the
M2 generates an alarm. When the usage is smaller than the threshold, the corresponding
clearance alarm is generated.
When the condition for generating a high database usage alarm is met, the round icon in
the Status column turns red on the Database Monitor tab page in the System Monitor
Browser window.
Context
If a service is stopped or abnormal, its status icon is displayed in red.
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the Service Monitor tab.
Step 3 On the Service Monitor tab page, right-click an service and choose Details.
NOTE
You can also double-click a service to access the Service Details dialog box.
Step 4 In the displayed Service Details dialog box, view the service details and dependencies between
services.
----End
Issue 04 (2013-08-30)
44
Context
If the database space is insufficient, contact Huawei technical support engineers to determine
an expansion solution.
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the Database Monitor tab.
NOTE
The database monitoring parameters vary according to different databases. For the Oracle database, the
available parameters for database monitoring include Database Name, Total Data Space, Free Data
Space, Total Data Space Usage, Table Space Usage, and Status.
Step 3 On the Database Monitor tab page, view the database status of the M2 server.
Whether Status of a database is Normal depends on the preset alarm threshold. When the
database usage exceeds the threshold, Status changes to Abnormal.
----End
Procedure
Step 1 Log in to the server as user omcuser.
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command runs, type the password of user
omcuser.
45
service is running.
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check Agent Server process status:
~> cd /opt/Nastar/tomcat/script
~> sh ams_ps.sh
The CPU usage and memory usage of the current Agent Server process are 0.0% and 0.9%
respectively if the information similar to the following is displayed:
%CPU
0.0
%MEM
0.9
NAME
tomcat
Procedure
Step 1 Log in to the server as user gaussdba (The home directory is /home/gaussdba).
NOTE
l If you have logged in to the server as any other user, run su - gaussdba to switch to gaussdba.
l Enter the password of user gaussdba if required when you run the su - gaussdba command.
Step 2 Run the following command to check whether GaussDB database services are started:
~> gs_ctl query
If the information similar to the following is displayed, GaussDB database services are started.
Otherwise, GaussDB database services are not started.
Ha state:
LOCAL_ROLE
STATIC_CONNECTIONS
DB_STATE
DETAIL_INFORMATION
:
:
:
:
Normal
0
Normal
Normal
----End
Issue 04 (2013-08-30)
46
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the Hard Disk Monitor tab.
Step 3 On the Hard Disk Monitor tab page, view the disk status of the server.
Whether Status of an item is Normal depends on the preset threshold for alarm generation.
When the usage of the item exceeds the threshold, Status changes to Abnormal.
----End
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the Server Monitor tab.
Step 3 On the Server Monitor tab page, view the status of the M2 server.
----End
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the Component Information tab.
Step 3 On the Component Information tab page, view the information about all installed components.
----End
Issue 04 (2013-08-30)
47
Context
l
After you switch to another monitor tab, the monitoring information on this tab page is
refreshed immediately.
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the tab corresponding to the monitoring
information to be refreshed.
Step 3 Click Refresh.
----End
Procedure
Step 1 Choose System > System Monitor > Browser from the main menu.
Step 2 In the mainSystem Monitor Browser window, click the tab corresponding to the monitoring
information, and then click Save As.
NOTE
l The monitoring information can be saved in the format of TXT, HTML, CSV, or XML. The default
format is XML.
l Two types of encoding formats are supported: ANSI - Latin 1 and UTF-8. The default encoding format
is ANSI - Latin 1. You are recommended to use the default encoding format if the saved file does not
need to support multiple languages; otherwise, UTF-8 is recommended.
Step 3 In the Save dialog box, select a path, enter a file name, and click Save.
----End
Issue 04 (2013-08-30)
48
Parameters
Parameter
Server
Monitor
Parameter
Settings
Number of
consecutive
CPU overloads
(10-400)
Description
Setting
Description:
Value:
Server
Monitor
Threshold
Settings
Issue 04 (2013-08-30)
Server status
refresh interval
(2-60 seconds)
Description:
Value:
Description:
Value:
Default value: 15
49
Parameter
Memory usage
(%)
Description
Setting
Value:
Parameters
Parameter
Disk
Monitor
Parameter
Settings
Issue 04 (2013-08-30)
Hard disk
status refresh
interval
(60-3600
seconds)
Description
Setting
Description:
Value:
50
Parameter
Disk
Monitor
Threshold
Settings
Default value
setting (%)
Description
Setting
Description:
Setting method:
Issue 04 (2013-08-30)
Value:
Value range: 1-99
Default value of Alarm
Generation Threshold:
l warning: 60
l Minor: 70
l warning: 55
l Major: 80
l critical: 90
Default value of Alarm
Clearance Threshold:
l Minor: 65
l Major: 75
l critical: 85
51
Parameter
Advanced
settings (%)
Description
Setting
Description:
Setting method:
Parameters
Parameter
Database
Monitor
Parameter
Settings
Issue 04 (2013-08-30)
Database status
refresh interval
(300-3600
seconds)
Description
Setting
Description:
Value:
Interval of database
refreshing.
52
Parameter
Database
Monitor
Threshold
Settings
Default value
setting (%)
Description
Setting
Description:
Setting method:
Issue 04 (2013-08-30)
Value:
Value range: 1-100
Default value:
l warning: 85
l Minor: 90
l Major: 95
l critical: 98
53
Parameter
Advanced
settings (%)
Description
Setting
Description:
Setting method:
1. Click + before
Advanced settings to
expand nodes.
Issue 04 (2013-08-30)
54
Parameters
Parameter
Services Monitor
Parameter Settings
Description
Setting
Description:
Value:
Interval of service
refreshing.
Value range:
60-3600
Default value: 60
Service Monitor
Screen Tip Settings
Default Group
Description:
Setting method:
Set whether to
display the service
status at the lower
right corner of the
M2 system monitor
client by using
or
.
NOTE
l If all the
monitored
services are
running,
displayed.
is
l If a monitored
service is stopped,
is displayed.
l You can doubleclick
or
to
access the Service
Monitor tab.
Parameters
Parameter
Description
Service Name
Description:
Name of a service.
Process Name
Description:
Name of a process.
Issue 04 (2013-08-30)
55
Parameter
Description
Description
Description:
Description of functions, interfaces, and other information of
a service.
Status
Description:
Status of a service.
Startup Mode
Description:
Service startup mode: Automatic, Manual, or Disabled. The
Disabled mode is available only for stopped services.
Description:
The system monitor automatically restarts the service when
the service stops abnormally. This parameter indicates the
times for automatically restarting the service.
The number of restart times is cleared when the M2 is
restarted.
NOTE
l The service automatically restarts when Startup Mode of the
service is set to Automatic.
l By default, this menu item is hidden. You can press Ctrl+Alt
+R to display it.
Description:
Start Time
Description:
Name of a server.
Parameters
Parameter
Description
File System
Description:
Hard disk partitions and their paths.
Description:
Total size of a specified partition. It equals to the sum of Used
Size and Free Size.
Issue 04 (2013-08-30)
56
Parameter
Description
Description:
Size of the used space of a specified partition.
Description:
Size of the remaining space of a specified partition.
Usage (%)
Description:
Usage of a specified partition.
Status
Description:
State of a specified partition: Normal or Abnormal. If the
hard disk usage is equal to or larger than the threshold, the
state is Abnormal.
Description
Database Name
Description:
Name of the database on the M2 server.
Description:
Total size of the data space in a database.
Description:
Size of the remaining data space in a database.
Description:
Rate of the used data space and the total data space in
a database.
Issue 04 (2013-08-30)
57
Parameter
Description
Description:
Rate of the used table space and the total table space
in a database.
NOTE
The Oracle database occupies the table space in a greedy
manner. The high-water mark determines the used and
unused blocks in a segment. The high-water mark increases
after data is added, but does not decrease after data is deleted.
The M2 calculates the Oracle data usage by monitoring the
high-water mark. Therefore, the Oracle data usage monitored
by the M2 does not decrease after data deletion.
Status
Description:
Database state: Normal or Abnormal. If the database
usage is equal to or larger than the threshold, the state
is Abnormal.
Parameters
Parameter
Description
Server Name
Description:
Name of the M2 server.
Server Status
Description:
State of the M2 server: Active or Standby.
OS
Description:
Operating system of the server.
Description:
Total capacity of the physical memory on the server.
Description:
Remaining capacity of the physical memory on the
server.
Description:
Total virtual memory space of the M2 server when the
server runs the Solaris or Linux OS.
Issue 04 (2013-08-30)
58
Parameter
Description
Description:
Remaining virtual memory space of the M2 server when
the server runs the Solaris or Linux OS.
Description:
Usage of the CPU.
Description:
Usage of the memory, including the physical memory
and virtual memory.
Parameters
Parameter
Description
Component
Description:
Component name of the M2 server.
Version
Description:
Component version of the M2 server.
Description
Description:
Component description of the M2 server.
Issue 04 (2013-08-30)
59
7 Managing Logs
Managing Logs
Issue 04 (2013-08-30)
60
7 Managing Logs
Description
The operation log records the operations that are performed on the M2 client but do not affect
the M2 security, such as creating views, acknowledging alarms, and clearing alarms.
Path
Operation logs are stored in the database. You can query them through the client. The entry for
querying operation logs through the client is Security > Log Management > Query Operation
Logs.
You can dump operation logs from the database to a file. The entry for dumping operation logs
is Maintenance > Task Management.In the Task Type navigation tree, choose Database
Capacity Management > Operation Log Dump, The default dump paths are /opt/Nastar/var/
ThresholdExport/Log.
After the operation logs are dumped, the M2 generates the associated folder and log file:
l
Folder: In the dump path, the M2 generates a folder named the date of the dump operation.
The format of the name is YYMMDD.
Log file: The following two files are generated in the folder: YYMMDDHHMMSSoperation-log-dateThreshold_info.xml and YYMMDDHHMMSS-operation-logdateThreshold-number.extension. The file with the suffix _info.xml saves the
configuration information of the dumped logs, and the file with the suffix number.extension saved the information about the dumped logs.
NOTE
Operation logs can be dumped to a .csv, xml, txt, or html file, and the file can be compressed to a .zip
package.
Parameters
Parameter Name Parameter Meaning
Operation Name
Issue 04 (2013-08-30)
61
7 Managing Logs
Levels of risks caused by the operations that are performed on the M2:
Warning, Minor, and Risk.
Operation User
M2 user.
User Type
Start Time
End Time
Operation Result
Details
Description
The system log records the tasks that are performed on the M2 server and affect the running of
the M2. These tasks are triggered on the M2 client, such as starting and executing scheduled
tasks, or triggered on the M2 server, such as starting and stopping the M2 service.
Path
System logs are stored in the database. You can query them through the client. The entry for
querying system logs through the client is Security > Log Management > Query System
Logs.
You can dump system logs from the database to a file. The entry for dumping system logs is
Maintenance > Task Management.In the Task Type navigation tree,choose Database
Capacity Management > System Log Dump The default dump paths are /opt/Nastar/var/
ThresholdExport/Log.
After the system logs are dumped, the M2 generates the associated folder and log file:
Issue 04 (2013-08-30)
62
7 Managing Logs
Folder: In the dump path, the M2 generates a folder named the date of the dump operation.
The format of the name is YYMMDD.
Log file: The following two files are generated in the folder: YYMMDDHHMMSS-systemlog-dateThreshold_info.xml and YYMMDDHHMMSS-system-log-dateThresholdnumber.extension. The file with the suffix _info.xml saves the configuration information
of the dumped logs, and the file with the suffix -number.extension saves the information
about the dumped logs.
NOTE
System logs can be dumped to a .csv, xml, txt, or html file, and the file can be compressed to a .zip
package.
Parameters
Parameter Name Parameter Meaning
Level
Source
Time
Details
Description
Security logs record the security operations that the user performs in the M2, for example, login,
logout, and unlocking.
Path
Security logs are stored in the database. You can query them through the client. The entry for
querying security logs through the client is Security > Log Management > Query Security
Logs.
You can also dump security logs from the database to a file. The entry for dumping security logs
is Maintenance > Task Management.In the Task Type navigation tree,choose Database
Issue 04 (2013-08-30)
63
7 Managing Logs
Capacity Management > Security Log Dump, The default dump paths are /opt/Nastar/var/
ThresholdExport/Log.
After the security logs are dumped, the M2 generates the associated folder and log file:
l
Folder: In the dump path, the M2 generates a folder named the date of the dump operation.
The format of the name is YYMMDD.
Log file: The following two files are generated in the folder: YYMMDDHHMMSSsecurity-log-dateThreshold_info.xml and YYMMDDHHMMSS-security-logdateThreshold-number.extension. The file with the suffix _info.xml saves the
configuration information of the dumped logs, and the file with the suffix number.extension saves the information about the dumped logs.
NOTE
Security logs can be dumped to a .csv, xml, txt, or html file, and the file can be compressed to a .zip
package.
Parameters
Parameter Name Parameter Meaning
Security Event
Risk Level
Levels of risks caused by the operations that are performed on the M2:
Warning, Minor, and Risk.
Operation User
M2 user.
User Type
Type of an M2 user.
Operation Time
Operation Result
Details
Description
eSAU service logs record eSAU's processing information about Counter data.
Issue 04 (2013-08-30)
64
7 Managing Logs
Path
eSAU service logs are server logs and the save path is /opt/esau/var/logs.
Description
SAU service logs record SAU's processing information about raw MCHR data.
Path
SAU service logs are server logs and the save path is /opt/PSSAU/var/logs.
Description
Agent Server service logs consist of two parts: the log information recorded by Tomcat and that
recorded by Agent Server. Their log files are catalina.out and AMS.log. Agent Server service
logs record the procedures of the agent or M2 client connecting to Agent Server, for example,
registration request sent by the agent, file uploading, and configuration information delivery.
Path
Agent Server service logs are saved in /opt/Nastar/tomcat/logs.
Context
l
Issue 04 (2013-08-30)
If you query the operation logs based on the operation users, only the names of the users
that have performed operations are displayed in Available Operation User in the Select
Operation User dialog box.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
65
7 Managing Logs
By default, users that not in SMManagers groups can query the operation logs of
themselves only. To query the operation logs of all users, set isQueryAll in the
logsvc.xml file on the M2 server to 0, run the following command to import the parameters
in the file to the database, and restart the M2 service for the setting to take effect.
# cd /opt/Nastar
# . ./svc_profile.sh
# SettingTool -cmd import -file /opt/Nastar/etc/conf/logsvc.xml
# svc_adm -cmd reload -type sac
# stop_svc
# start_svc
The query result is generated based on the existing data in the database. If the database is
empty, there is no matching query result.
If a value in the Operation User column in the log query result is an invalid user, the system
may have been attacked.
Procedure
Step 1 Choose Security > Log Management > Query Operation Logs from the main menu.
Step 2 In the Filter dialog box, set the filtering conditions, and then click OK.
NOTE
l You can also click Cancel in the Filter dialog box, and then query logs in the Query Operation
Logs window in the following ways:
l Click Template Filter, and then select Open. Select a template from the template list, and then
click Open to use an existing template to query logs. If no template exists on the M2, see 7.3 Setting
Log Templates to create a template.
l Click Filter. Set the query conditions in the Filter dialog box, and then click OK to query logs.
l Click Choose at the lower left corner in the Filter dialog box. In the Select Operation Name dialog
box, you can view the operations that can be monitored.
Step 3 Right-click in the query window and perform the following operations.
Operation Name
Operation Method
Details
Issue 04 (2013-08-30)
66
7 Managing Logs
Operation Name
Operation Method
Save Selected
Records
1. Select one or more logs in the window, right-click, and then choose
Save Selected Records from the shortcut menu.
2. In the Save dialog box, select the path to save records, and then
click Save.
NOTE
The log records can only be exported as TXT, HTML, CSV, PDF or XLS files.
The default file format is XLS file.
Save Specified
Records
Print Selected
Records
1. Select one or more logs in the window, right-click, and then choose
Print Selected Records from the shortcut menu.
2. In the Print dialog box, set the print parameters, and then click
Print.
Print Specified
Records
----End
Issue 04 (2013-08-30)
67
7 Managing Logs
Context
The statistical result is generated based on the existing data in the database. If the database is
empty, there is no matching statistical result.
Procedure
Step 1 Choose Security > Log Management > Operation Log Statistics from the main menu.
Step 2 In the Filter window, set the statistical items and statistical conditions, and then click OK.
NOTE
You can also click Cancel, and then collect statistics in the Operation Log Statistics window in the
following ways:
l Click Template, and then select Open. Select a template from the template list, and then click Open
to use an existing template to collect statistics on operation logs. If no template exists on the M2, see
7.3 Setting Log Templates to create a template.
l Click Filter. Set Statistical Items and Filter Criteria in the Filter window, and then click OK to
collect statistics on operation logs.
----End
Result
In the Operation Log Statistics window, the statistical result is displayed.
Perform the following operations as required:
l
Context
l
By default, the users in only the Administrators group can query the system logs.
The query result is generated based on the existing data in the database. If the database is
empty, there is no matching query result.
The query result is generated based on the existing data in the database. If the database is empty,
there is no matching query result.
Procedure
Step 1 Choose Security > Log Management > Query System Logs from the main menu.
Step 2 In the Filter dialog box, set the filtering conditions, and then click OK.
Issue 04 (2013-08-30)
68
7 Managing Logs
NOTE
You can also click Cancel in the Filter dialog box, and then query logs in the Query System Logs window
in the following ways:
l Click Template Filter, and then select Open. Select a template from the template list, and then click
Open to use an existing template to query logs. If no template exists on the M2, see 7.3 Setting Log
Templates to create a template.
l Click Filter. Set the query conditions in the Filter dialog box, and then click OK to query logs.
Step 3 Right-click in the query window and perform the following operations.
Operation Name
Operation Method
Details
Save Selected
Records
1. Select one or more logs in the window, right-click, and then choose
Save Selected Records from the shortcut menu.
2. In the Save dialog box, select the path to save records, and then
click Save.
NOTE
The log records can only be exported as TXT, HTML, CSV, PDF or XLS files.
The default file format is XLS file.
Save Specified
Records
Issue 04 (2013-08-30)
69
7 Managing Logs
Operation Name
Operation Method
Print Selected
Records
1. Select one or more logs in the window, right-click, and then choose
Print Selected Records from the shortcut menu.
2. In the Print dialog box, set the print parameters, and then click
Print.
Print Specified
Records
----End
Context
The statistical result is generated based on the existing data in the database. If the database is
empty, there is no matching statistical result.
Procedure
Step 1 Choose Security > Log Management > System Log Statistics from the main menu.
Step 2 In the Filter window, set the statistical condition, and then click OK.
NOTE
You can also click Cancel, and then collect statistics in the System Log Statistics window in the following
ways:
l Click Template, and then select Open. Select a template from the template list, and then click Open
to use an existing template to collect statistics on system logs. If no template exists on the M2, see 7.3
Setting Log Templates to create a template.
l Click Filter. Set the statistical condition in the Filter window, and then click OK to collect statistics
on system logs.
----End
Result
In the System Log Statistics window, the statistical result is displayed.
Perform the following operations as required:
l
Issue 04 (2013-08-30)
70
7 Managing Logs
Context
l
If you query the security logs based on the operation users, only the names of the users that
have performed operations are displayed in Available Operation User in the Select
Operation User dialog box.
By default, the users in only the SMManagers group can query the security logs.
The query result is generated based on the existing data in the database. If the database is
empty, there is no matching query result.
If a value in the Operation User column in the log query result is an invalid user, the system
may have been attacked.
The query result is generated based on the existing data in the database. If the database is empty,
there is no matching query result.
Procedure
Step 1 Choose Security > Log Management > Query Security Logs from the main menu.
Step 2 In the Filter dialog box, set the filtering conditions, and then click OK.
NOTE
l You can also click Cancel in the Filter dialog box, and then query logs in the Query Security Logs
window in the following ways:
l Click Template Filter, and then select Open. Select a template from the template list, and then
click Open to use an existing template to query logs.
If no template exists on the M2, see 7.3 Setting Log Templates to create a template.
l Click Filter. Set the query conditions in the Filter dialog box, and then click OK to query logs.
l Click Choose at the lower left corner in the Filter dialog box. In the Select Security Event dialog box,
you can view the operations that can be monitored.
Step 3 Right-click in the query window and perform the following operations.
Operation Name
Operation Method
Details
Issue 04 (2013-08-30)
71
7 Managing Logs
Operation Name
Operation Method
Save Selected
Records
1. Select one or more logs in the window, right-click, and then choose
Save Selected Records from the shortcut menu.
2. In the Save dialog box, select the path to save records, and then
click Save.
NOTE
The log records can only be exported as TXT, HTML, CSV, PDF or XLS files.
The default file format is XLS file.
Save Specified
Records
Print Selected
Records
1. Select one or more logs in the window, right-click, and then choose
Print Selected Records from the shortcut menu.
2. In the Print dialog box, set the print parameters, and then click
Print.
Print Specified
Records
----End
Issue 04 (2013-08-30)
72
7 Managing Logs
Context
The statistical result is generated based on the existing data in the database. If the database is
empty, there is no matching statistical result.
Procedure
Step 1 Choose Security > Log Management > Security Log Statistics from the main menu.
Step 2 In the Filter window, set the statistical items and filtering conditions, and then click OK.
NOTE
You can also click Cancel, and then collect statistics in the Security Log Statistics window in the following
ways:
l Click Template, and then select Open. Select a template from the template list, and then click Open
to use an existing template to collect statistics on security logs. If no template exists on the M2, see
7.3 Setting Log Templates to create a template.
l Click Filter. Set Items and Filter Criteria in the Filter window, and then click OK to collect statistics
on security logs.
----End
Result
In the Security Log Statistics window, the statistical result is displayed.
Perform the following operations as required:
l
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check whether there are errors in the /opt/esau/var/logs
directory.
~> cd /opt/esau/var/logs
~> grep ERROR*
l Collect corresponding log files if you can identify which processes are abnormal onsite. If
this occurs, contact Huawei technical support engineers.
Issue 04 (2013-08-30)
73
7 Managing Logs
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check whether there are errors in the /opt/Nastar/var/logs
directory.
~> cd /opt/PSSAU/var/logs
~> grep ERROR*
l Collect corresponding log files if you can identify which processes are abnormal onsite. If
this occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3.
Step 3 Optional: Run the following commands to compress the log files. Then contact Huawei
technical support engineers.
~> cd /opt/PSSAU/var
~> tar -zcvf error.tar.gz logs
Step 4 Run the following commands to check the error logs upon BS script execution.
~> cd /opt/PSSAU/var/output/log
~> grep ERROR*
l Collect corresponding log files if you can identify the processes with errors at the site. If this
occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3 again to pack the log files. Then contact Huawei technical support
engineers.
----End
74
7 Managing Logs
Context
l
Agent Server records the information generated when it interacts with the agent to locate
the problems that occur during the interaction. The information includes: the registration
request sent by the agent, authorization, file uploading, and configuration information
downloading.
Agent Server records the information generated when it interacts with M2 Client to locate
the problems that occur during the interaction. The information includes: the configuration
information of the agent, and version and license information.
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following command to navigate to the save path where Agent Server service logs are
saved.
~> cd /opt/Nastar/tomcat/logs
Step 3 Run the following command to check the log information recorded by Agent Server.
~> tail -f AMS.log
NOTE
You can navigate to /opt/Nastar/tomcat/logs using FTP tools to download the log and then analyze it.
Step 4 Run the following command to check the log information recorded by Tomcat.
~> tail -f catalina.out
NOTE
You can navigate to /opt/Nastar/tomcat/logs using FTP tools to download the log and then analyze it.
----End
Context
The operations for setting the log query and statistic collection templates are similar. The
following is an example of setting the log query template.
Procedure
Step 1 Choose Security > Log Management > Query Operation Logs from the main menu.
Step 2 In the Filter dialog box, click Cancel.
Step 3 You can perform the following operations in the Query Operation Logs window.
Issue 04 (2013-08-30)
75
7 Managing Logs
Task
Operation
Create a template
Modify a template
Save As
Delete a template
----End
Context
The log forwarding server forwards only security logs, operation logs, and system logs.
Issue 04 (2013-08-30)
76
7 Managing Logs
Procedure
Step 1 Choose System > Transmit Log from the main menu.
Step 2 You can perform the following operations in the Log Forwarding Server window.
Task
Operation
Add
In the Create Log Forwarding Server dialog box, set the server that receives
the logs. See 7.6.8 Parameters for Setting a Log Forwarding Server.
NOTE
l To enable the log forwarding function, select Yes from the Enable drop-down list.
l The IP address cannot be set to a loopback address.
l String Filter does not support wildcards.
l The switchover between the primary and secondary servers is supported when the
value of Protocol is TCP. When the primary sever fails, the secondary server takes
over the service and receives the logs. When the primary server is recovered, the
service is switched back to the primary server.
l You can set a maximum of five servers to receive logs.
Modify
In the Log Forwarding Servers dialog box, select a server record, and then
click Modify. In the displayed Modify Log Forwarding Server dialog box,
set the server information of logs.
Delete
In the Log Forwarding Servers dialog box, select a server record, and then
click Delete.
Refresh
After another user updates the information about the log forwarding server,
you can click Refresh to obtain the updated information.
Cancel
----End
Issue 04 (2013-08-30)
77
7 Managing Logs
Context
Each of the types Operation Log Dump, Security Log Dump and System Log Dump has a
default system task that is provided by the M2. You are not allowed to delete this system task,
but you can modify its setting. In addition, you cannot create new tasks of these three types.
Procedure
Step 1 Choose Maintenance > Task Management from the main menu.
Step 2 In the Task Type navigation tree, expand the Database Capacity Management node, choose
Operation Log Dump, Security Log Dump or System Log Dump.
Step 3 Double-click the task in the task list.
NOTE
In the task list, right-click the log dump task and choose Run Immediately. The log dump task is performed
instantly.
Step 4 In the displayed Attribute dialog box, set the parameters on the Common Parameters and
Extended Parameters tabs. For the parameter descriptions, see 7.6.9 Parameters for Setting
M2 Log Timing Dump.
Step 5 Click OK.
----End
Context
Each of the types Operation Log Export, Security Log Export and System Log Export has
a default system task that is provided by the M2. You are not allowed to delete the system task,
but you can modify its setting. In addition, you cannot create new tasks of these three types.
Procedure
Step 1 Choose Maintenance > Task Management from the main menu.
Step 2 In the Task Type navigation tree, expand the File Interface node, choose Operation Log
Export, Security Log Export or System Log Export.
Step 3 Double-click the task in the task list.
NOTE
To perform the operations such as executing an export task instantly, suspending an task, and setting timing
suspending and resuming, right-click the log export task in the right area and choose the corresponding
menus.
Step 4 In the Attribute dialog box, set the parameters on the Common Parameters and Extended
Parameters tabs. For the parameter descriptions, see 7.6.10 Parameters for Setting M2 Log
Timing Export.
Issue 04 (2013-08-30)
78
7 Managing Logs
NOTE
Risk
Level
Description
User Management
Minor
Minor
Reset Password
Risk
Minor
Minor
Risk
Issue 04 (2013-08-30)
Risk
Monitor Users
Minor
Unlock Users
Minor
Security rights
management
Minor
79
Issue 04 (2013-08-30)
7 Managing Logs
Security Event
Risk
Level
Description
Minor
Operation Set
Management
Minor
Minor
Minor
Check access
Minor
Minor
Minor
Minor
Risk
Minor
Minor
Minor
Minor
Minor
Minor
Get access by SO
Minor
Query domain by SO
Minor
Query compressed SO
Minor
Get usergroup
Minor
Get usergroup
information
Minor
80
Issue 04 (2013-08-30)
7 Managing Logs
Security Event
Risk
Level
Description
Minor
Minor
Minor
Minor
Get users
Minor
Minor
Minor
Minor
NB login
Minor
Change password
Risk
Revert password
Risk
Unlock terminal
Minor
Minor
Minor
Minor
Minor
Grant rights
Minor
81
7 Managing Logs
Security Event
Risk
Level
Description
Cancel rights
Minor
Paste rights
Minor
Minor
Bind user
Minor
Unbind user
Minor
Minor
Minor
Create user
Minor
Delete user
Risk
Issue 04 (2013-08-30)
Minor
Minor
Minor
Minor
Minor
Minor
82
Issue 04 (2013-08-30)
7 Managing Logs
Security Event
Risk
Level
Description
Minor
Minor
Minor
Minor
Minor
Minor
Risk
Minor
Minor
Minor
Minor
Minor
Risk
83
Issue 04 (2013-08-30)
7 Managing Logs
Security Event
Risk
Level
Description
Risk
Minor
Minor
Minor
Minor
Minor
Minor
Risk
Risk
Minor
Minor
Minor
Delete subresource
access from user group
Minor
Minor
84
7 Managing Logs
Security Event
Risk
Level
Description
Delete subresource
access from user
Minor
Security User
Management
Minor
Minor
Minor
Minor
Parameters
Parame
ter
Description
Settings
Operatio
n User
Description:
Setting method:
Operatio
n
Termina
l
Issue 04 (2013-08-30)
Description:
To select operation
terminals. Queried
operation records are
displayed by operation
terminal.
Setting method:
In the Filter dialog box, click
. From the Select
Operation Terminal dialog box, select one or
more items.
85
7 Managing Logs
Parame
ter
Description
Settings
Operatio
n Result
Description:
Value:
Risk
Level
Description:
Value:
Time
Range
Description:
Setting method:
NOTE
From means the start time,
and To means the end time.
NOTE
To set the time format, choose File > Preferences from
the main menu, expand Region Settings, and then choose
the Time node. Set Time Format in the area on the right.
When you set the M2 time to DST, the DST check box
is selected automatically.
Issue 04 (2013-08-30)
86
7 Managing Logs
Parame
ter
Description
Settings
Detail
informat
ion
contains
Description:
Setting method:
In Detail information
contains, enter the
information to be displayed
in the Details column. The
M2 filters operation logs
based on the information
provided in Detail
information contains.
Operatio
n Name
Description:
Operatio
n Object
Description:
User
Type
Description:
Start
Time
Description:
End
Time
Description:
Operatio
n
Categor
y
Description:
Details
Description:
Setting method:
In the Filter dialog box, click
corresponding to Operation Name. In the Select
Operation Name dialog box, select one or more
items.
Setting method:
In the Filter dialog box, click
corresponding to Operation Object. In the Select
Operation Object dialog box, select one or more
items.
-
Category to which an
operation belongs.
-
Issue 04 (2013-08-30)
87
7 Managing Logs
Statistical items
Parameter
Description
Settings
Row
Statistica
l Item
Description:
Value:
Statistica
l Item
Description:
Value:
Description:
Value:
Description:
Value:
Colu
mn
Statistica
l Item
Example
Issue 04 (2013-08-30)
NOTE
You can set at most one of both Statistical
Item in Row to (None). The statistical results are
grouped by Statistical Item.
88
7 Managing Logs
Filter Criteria
Parameter
Description
Settings
Operation
User
Description:
Setting method:
Click
. In the Select Operation User
dialog box, select one or more items.
NOTE
By default, statistics on all users' operation logs
will be collected.
Operation
Terminal
Description:
Operation
Result
Description:
Value:
To collect statistics by
operation result.
To collect statistics by IP
address of the terminal.
Setting method:
Click
. In the Select Operation
Terminal dialog box, select one or more
items.
Description:
Value:
To collect statistics by
operation level.
Issue 04 (2013-08-30)
89
7 Managing Logs
Parameter
Description
Settings
Time
Range
Description:
Setting method:
Detail
information
contains
Description:
Setting method:
In Detail information
contains, enter the information
to be displayed in the Details
column. The M2 filters
operation logs based on the
information provided in Detail
information contains.
Operation
Name
Description:
Operation
Object
Description:
To collect statistics by
operation.
To collect statistics by
operation object.
Setting method:
Click
corresponding to
Operation. In the Select Operation Name
dialog box, select one or more items.
Setting method:
Click
corresponding to
Operation Object. In the Select Operation
Object dialog box, select one or more items.
Issue 04 (2013-08-30)
90
7 Managing Logs
Parameters
Parameter
Description
Settings
Source
Description:
Setting method:
Level
Description:
Value:
Operation Result
Description:
Value:
Time Range
Description:
Setting method:
NOTE
From means the start time, and To
means the end time.
Issue 04 (2013-08-30)
91
7 Managing Logs
Parameter
Description
Settings
Detail information
contains
Description:
Setting method:
Description:
Description:
Description:
Statistical items
Parameter
Description
Settings
Row
Statistical
Item
Description:
Value:
Statistical
Item
Description:
Value:
Description:
Value:
Colum
n
Example
Issue 04 (2013-08-30)
92
7 Managing Logs
Filter Criteria
Param
eter
Description
Settings
Source
Description:
Setting method:
Click
. In the Select Source dialog box,
select one or more items.
NOTE
By default, statistics on all sources' system logs
will be collected.
Level
Description:
Value:
Operati
on
Result
Description:
Value:
Time
Range
Description:
Setting method:
Issue 04 (2013-08-30)
93
7 Managing Logs
Param
eter
Description
Settings
Detail
informa
tion
contains
Description:
Setting method:
Parameters
Parameter
Description
Settings
Operation
User
Description:
Setting method:
Operation
Terminal
Description:
Operation
Result
Description:
Value:
Issue 04 (2013-08-30)
94
7 Managing Logs
Parameter
Description
Settings
Risk Level
Description:
Value:
Time Range
Description:
Setting method:
Detail
information
contains
Description:
Setting method:
In Detail information
contains, enter the
information to be displayed
in the Details column. The
M2 filters security logs
based on the information
provided in Detail
information contains.
Security
Event
Issue 04 (2013-08-30)
Description:
Setting method:
95
7 Managing Logs
Parameter
Description
Settings
Operation
Object
Description:
Setting method:
Description:
User Type
corresponding to Operation
Object. In the Select Operation Object
dialog box, select one or more items.
Description:
Details
Description:
Statistical items
Issue 04 (2013-08-30)
Parameter
Description
Settings
Row
Description:
Value:
Statistica
l Item
96
7 Managing Logs
Parameter
Statistica
l Item
Description
Settings
Description:
Value:
Column
Statistica
l Item
Example
Description:
Value:
Description:
Value:
Filter Criteria
Issue 04 (2013-08-30)
Parameter
Description
Settings
Operation
User
Description:
Setting method:
Operation
Terminal
Description:
To collect statistics by IP
address of the terminal.
Click
. In the Select Operation User
dialog box, select one or more items.
Setting method:
Click
. In the Select Operation
Terminal dialog box, select one or more
items.
97
7 Managing Logs
Parameter
Description
Settings
Operation
Result
Description:
Value:
Risk Level
Description:
Value:
Time Range
Description:
Setting method:
Detail
information
contains
Description:
Setting method:
In Detail information
contains, enter the information
to be displayed in the Details
column. The M2 filters security
logs based on the information
provided in Detail information
contains.
Issue 04 (2013-08-30)
98
7 Managing Logs
Parameter
Description
Settings
Security
Event
Description:
Setting method:
Operation
Object
Description:
Click
corresponding to
Security Event. In the Select Security
Event dialog box, select one or more
items.
Setting method:
Click
corresponding to
Operation Object. In the Select
Operation Object dialog box, select one
or more items.
Parameters
Parameter
Description
Settings
Master Server
IP Address
Description:
Master Server
Port
Description:
Value:
Standby Server
IP Address
Description:
Standby Server
Port
Description:
Value:
Protocol
Description:
Value:
Description:
Value:
Enable
Issue 04 (2013-08-30)
99
7 Managing Logs
Parameter
Description
Settings
Syslog Level
String Filter
Description:
Value:
Remark
Description:
Value:
State
Description:
Issue 04 (2013-08-30)
100
7 Managing Logs
Common Parameters
Table 7-1 Parameters Applicable for both One-time and Periodic Tasks
Parameter
Description
Settings
Task name
Description:
Value:
l A maximum of 64 bytes.
l Unique and not null.
l Case sensitive.
Execution
type
Description:
Value:
l One-time
l Periodic
NOTE
The execution type cannot be configured
again after the task is created.
Description:
Value:
Task type
Description:
Issue 04 (2013-08-30)
101
7 Managing Logs
Description
Settings
Execution
Interval
Description:
Value:
Execution
Times
Description:
Value:
0 - 65535
NOTE
This parameter is displayed in the
Attribute dialog box only after you
set it when creating and copying a
periodic task.
End time
NOTE
l 0 indicates that the number of times
for executing periodic tasks is not
restricted.
l The execution times cannot be
configured again after the task is
created.
Description:
Value:
NOTE
This parameter is displayed in the
Attribute dialog box only after you
set it when creating and copying a
periodic task.
NOTE
The end time cannot be configured again
after the task is created.
Issue 04 (2013-08-30)
102
7 Managing Logs
Extended Parameters
Table 7-3 Extended Parameters
Parameter
Description
Setting
Compress
file after
export
Description:
Value:
Yes or No
File type
Description:
Value:
Description:
Value:
Storage
period in
database
(days)
Description:
Value:
Export File
Managemen
t
Description:
Value:
File path
Rule: It is not
recommended to
change the default file
path. If you need to
specify a new file path,
ensure that the user
imapuser has
permission to read and
write the target folder
under this path.
Issue 04 (2013-08-30)
103
7 Managing Logs
Common Parameters
Table 7-4 Parameters Applicable for both One-time and Periodic Tasks
Parameter
Description
Settings
Task name
Description:
Value:
l A maximum of 64 bytes.
l Unique and not null.
l Case sensitive.
Execution
type
Description:
Value:
l One-time
l Periodic
NOTE
The execution type cannot be configured
again after the task is created.
Description:
Value:
Task type
Description:
Issue 04 (2013-08-30)
104
7 Managing Logs
Description
Settings
Execution
Interval
Description:
Value:
Execution
Times
Description:
Value:
0 - 65535
NOTE
This parameter is displayed in the
Attribute dialog box only after you
set it when creating and copying a
periodic task.
End time
NOTE
l 0 indicates that the number of times
for executing periodic tasks is not
restricted.
l The execution times cannot be
configured again after the task is
created.
Description:
Value:
NOTE
This parameter is displayed in the
Attribute dialog box only after you
set it when creating and copying a
periodic task.
NOTE
The end time cannot be configured again
after the task is created.
Issue 04 (2013-08-30)
105
7 Managing Logs
Extended Parameters
Table 7-6 Extended Parameters
Parameter
Description
Setting
Compress
file after
export
Description:
Value:
Yes or No
Export File
Type
Description:
Value:
File path
Description:
Value:
Description:
Value:
Export File
Managemen
t
Issue 04 (2013-08-30)
Rule: It is not
recommended to change
the default file path. If you
need to specify a new file
path, ensure that the user
imapuser has permission to
read and write the target
folder under this path.
106
Issue 04 (2013-08-30)
107
Process
Name
Description
DesktopS
ervice010
1
ds0101_age
nt
EAMServ
ice
eam_agent
EmfGnlD
evDm
EmfGnlDev
Dm
ItmServic
e
itm_agent
LicenseSe
rvice
lic_agent
Issue 04 (2013-08-30)
108
Service
Process
Name
Description
LogServic
e
log_agent
Forwardin
gService
SystemSe
rvice
manager_ag
ent
Maintena
nceServic
e
maintain_ag
ent
Mediation
Service01
01
med_agent
Common
LicServic
e
SSLMana
geService
necomm_ag
ent
Issue 04 (2013-08-30)
109
Service
Process
Name
Description
CAServic
e
CAService_
agent
PartitionS
ervice
partition_ag
ent
PortTrunk
ingServic
e
porttrunk_a
gent
SecurityS
ervice
sm_agent
Procedure
Step 1 Log in to the server as user omcuser and navigate to the installation directory of the M2 server
software (the default installation directory is /opt/Nastar).
~> cd /opt/Nastar
Issue 04 (2013-08-30)
110
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command runs, type the password of user
omcuser.
The M2 may dynamically generate processes and services when it is running. The number of processes
and services queried each time may be different.
----End
Prerequisites
The Oracle database services are running normally. For details on how to start the Oracle
database service, see 9.1.2 Checking Oracle Database Running Status.
Procedure
Step 1 Log in to the server as user omcuser, and then run the following command to navigate to the
installation directory of the M2 server software (the default installation directory of the M2
server software is /opt/Nastar):
~> cd /opt/Nastar
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command is run, type the password of
user omcuser.
111
~> start_svc
Step 3 Run the following commands to start the Tomcat service:
~> cd tomcat
~> ./service.sh start
Step 4 Check whether all M2 services are started. For detailed operations, see 12.2.10 Checking M2
Service Status.
----End
Procedure
Step 1 Log in to the server as user omcuser, and then run the following command to navigate to the
installation directory of the M2 server software (the default installation directory of the M2
server software is /opt/Nastar):
~> cd /opt/Nastar
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command is run, type the password of
user omcuser.
112
Process
Name
Description
Monitor
sf_monitor
PSau.Controll
er
sf_env
SysMonitor0
sf_env
PSau.Calculat
or1
sf_env
PSau.Collecto
r0
sf_env
Issue 04 (2013-08-30)
113
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check SAU services:
~> cd /opt/PSSAU
~> . ./svc_profile.sh
~> ps_query
When the following or similar information is displayed, SAU services are running.
Service Agent: PSau.Calculator [1 service(s)] pid: 24663
PSau.Calculator
[running]
Service Agent: PSau.Collector [1 service(s)] pid: 24692
PSau.Collector
[running]
Service Agent: PSau.Controller [1 service(s)] pid: 24556
PSau.Controller
[running]
Service Agent: SysMonitor [1 service(s)] pid: 24589
SysMonitor
[running]
[All Services: 4 ] [Running: 4] [Not Running: 0 ]
l In the displayed information, if the state of the service is Running, you can infer that the
service operate properly.
l In the displayed information, if the state of the service is Not Running, you can infer that
the service is abnormal.
l At the end of the displayed information, if the value of Not Running is 0, you can infer that
all the SAU services operate properly. Otherwise, some SAU services have not been started.
----End
Prerequisites
Oracle database services are started. For details about the running status of Oracle database
services, see 9.1.2 Checking Oracle Database Running Status.
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to start SAU services:
~> cd /opt/PSSAU
~> . ./svc_profile.sh
~> ps_start
Step 3 Check whether all SAU services are started. For detailed operations, see 12.2.11 Checking SAU
Service Status.
----End
Issue 04 (2013-08-30)
114
Context
NOTE
Check that no preprocessing tasks are running before you stop SAU services. Otherwise, preprocessing
result might be incorrect.
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to stop the SAU services:
~> cd /opt/PSSAU
~> . ./svc_profile.sh
~> ps_stop
Step 3 Run the following command to ensure that all SAU services have stopped:
~> ps_query
l If no command output is displayed, the SAU services have stopped.
l If any command output is displayed, run the ps_kill command to forcibly stop the services.
----End
Process
Name
Description
Monitor
sf_monitor
Issue 04 (2013-08-30)
115
Service
Process
Name
Description
eSAU
sf_env
l Service process. It provides services of querying multidimension data, and collecting Counter data and saving it
to the database.
l This service must be started.
l Required service: Monitor.
SysMonitor
SysMonitor
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to view eSAU service status:
~> cd /opt/esau
~> . ./svc_profile.sh
~> esau_ps
When the following or similar information is displayed, eSAU services are running.
Monitor...........................running
eSAU...........................running
SysMonitor.....................running
[All Services: 3] [Running: 3] [Not Running: 0 ]
l In the displayed information, if the state of the service is Running, you can infer that the
service operate properly.
l In the displayed information, if the state of the service is Not Running, you can infer that
the service is abnormal.
l At the end of the displayed information, if the value of Not Running is 0, you can infer that
all the eSAU services operate properly. Otherwise, some eSAU services have not been
started.
----End
116
Prerequisites
Oracle services are started. For details about the running status of Oracle services, see 9.1.2
Checking Oracle Database Running Status.
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to start eSAU services:
~> cd /opt/esau
~> . ./svc_profile.sh
~> esau_start
Step 3 Check whether all eSAU services are started. For detailed operations, see 12.2.12 Checking
eSAU Service Status.
----End
Context
NOTE
Before stopping the eSAU services, ensure that no data aggregation task is running. Otherwise, an exception
may occur during the task execution, which causes the data exception.
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to stop the eSAU services:
~> cd /opt/esau
~> . ./svc_profile.sh
~> esau_stop
Step 3 Run the following command to ensure that all eSAU services have stopped:
~> esau_ps
Information similar to the following is displayed:
Monitor............................not running
eSAU...............................not running
SysMonitor.........................not running
[All Services: 3 ] [Running: 0 ] [Not Running: 3 ]
117
l If the value of Running is not 0, run esau_kill to forcibly stop eSAU services.
----End
Process Name
Description
Tomcat
tomcat
Procedure
Step 1 Log in to the server as user omcuser.
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command runs, type the password of user
omcuser.
118
----End
Procedure
Step 1 Log in to the server as user omcuser, and then run the following command to navigate to the
installation directory of the M2 server software (the default installation directory of the M2
server software is /opt/Nastar):
~> cd /opt/Nastar
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command is run, type the password of
user omcuser.
----End
Procedure
Step 1 Log in to the server as user omcuser, and then run the following command to navigate to the
installation directory of the M2 server software (the default installation directory of the M2
server software is /opt/Nastar):
~> cd /opt/Nastar
Issue 04 (2013-08-30)
119
NOTE
l If you have logged in to the server as another user, you can run the su - omcuser command in the
command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command is run, type the password of
user omcuser.
----End
Issue 04 (2013-08-30)
120
9 Managing Databases
Managing Databases
Issue 04 (2013-08-30)
121
9 Managing Databases
Function
imap_db schema
imapeamdb schema
imaplogdb schema
Stores system log data. The database requires at least 500 MB data
space.
imapsmdb schema
Prerequisites
You have installed the Oracle database system.
Procedure
Step 1 Log in to the server as user root.
Step 2 Run the following command to check whether Oracle database services are started:
# ps -fu oracle
UID PID PPID
Oracle 5141 1
....
Oracle 5157 1
...
Oracle 5165 1
Oracle 5167 1
Oracle 5169 1
...
Issue 04 (2013-08-30)
122
9 Managing Databases
l If the command result contains at least the following six processes, Oracle database services
and listening services are running normally.
ora_pmon_ imapdb
ora_dbw0_ imapdb
ora_lgwr_ imapdb
ora_ckpt_ imapdb
ora_smon_ imapdb
/opt/oracle/oradb/home/bin/tnslsnr
l If no command output is displayed, Oracle database services are not started properly. Start
database services by referring to 9.1.3 Staring Oracle.
----End
Procedure
Step 1 Check whether Oracle database services are started. For detailed operations, see 9.1.2 Checking
Oracle Database Running Status.
Skip the following steps if Oracle database services are started; if not, perform the following
steps to start the services.
Step 2 Log in to the server as user oracle.
If you log in to the server as another user, you can run the su - oracle command to switch to
user oracle.
Step 3 Run the following commands to start the Oracle database service.
~> sqlplus / as sysdba
SQL> startup
l If the following or similar information is displayed, the database is started properly.
Total System Global Area 1610612736 bytes
Fixed Size
2046264 bytes
Variable Size
385877704 bytes
Database Buffers
1207959552 bytes
Redo Buffers
14729216 bytes
Database mounted.
Database opened.
123
9 Managing Databases
l If the command result contains the following information, the database listener has started.
Listener using listener name LISTENER has already been started
Context
CAUTION
Check that M2 services and eSAU services are stopped before you stop Oracle database services.
Procedure
Step 1 Check that M2 services are stopped.
1.
Check M2 service status. For detailed operations, see 8.1.2 Checking M2 Server Service
Status.
2.
If M2 services are running, stop M2 services. For detailed operations, see 8.1.4 Stopping
M2 Server Services.
Check eSAU service status. For detailed operations, see 8.1.10 Checking eSAU Service
Status.
2.
If eSAU services are running, stop eSAU services. For detailed operations, see 8.1.12
Stopping eSAU Services.
l If information similar to the following is displayed, the database listener has been stopped
before you run this command.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=nassvr)(PORT=1521)))
TNS-12541: TNS:no listener
TNS-12560: TNS:protocol adapter error
Issue 04 (2013-08-30)
124
9 Managing Databases
TNS-00511: No listener
Linux Error: 111: Connection refused
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC0)))
TNS-12541: TNS:no listener
TNS-12560: TNS:protocol adapter error
TNS-00511: No listener
Linux Error: 2: No such file or directory
l If the following information is displayed, the database has been stopped before you run this
command.
ORA-01034: ORACLE not available
ORA-27101: shared memory realm does not exist
Linux-x86_64 Error: 2: No such file or directory
Issue 04 (2013-08-30)
Database
Function
GaussDB
125
9 Managing Databases
Prerequisites
You have installed the GaussDB database system.
Procedure
Step 1 Log in to the server as user gaussdba (The home directory is /home/gaussdba).
NOTE
l If you have logged in to the server as any other user, run su - gaussdba to switch to gaussdba.
l Enter the password of user gaussdba if required when you run the su - gaussdba command.
Step 2 Run the following command to check whether GaussDB database services are started:
~> gs_ctl query
If the information similar to the following is displayed, GaussDB database services are started.
Otherwise, GaussDB database services are not started.
Ha state:
LOCAL_ROLE
STATIC_CONNECTIONS
DB_STATE
DETAIL_INFORMATION
:
:
:
:
Normal
0
Normal
Normal
----End
Procedure
Step 1 Log in to the server as user gaussdba (The home directory is /home/gaussdba).
NOTE
l If you have logged in to the server as any other user, run su - gaussdba to switch to gaussdba.
l Enter the password of user gaussdba if required when you run the su - gaussdba command.
----End
126
9 Managing Databases
Procedure
Step 1 Log in to the server as user gaussdba (The home directory is /home/gaussdba).
NOTE
l If you have logged in to the server as any other user, run su - gaussdba to switch to gaussdba.
l Enter the password of user gaussdba if required when you run the su - gaussdba command.
----End
Issue 04 (2013-08-30)
127
10
Issue 04 (2013-08-30)
128
Context
During the routine operation and maintenance, back up and delete the following files:
l
Trace logs
CAUTION
You can delete files when the server is running. Before deleting files, run the ls -l command to
check the time when the files were generated. Do not delete the files generated on the current
day.
Procedure
Step 1 Export the files containing the information about the M2 server and back up the files to a local
hard disk.
The following files are included:
l User log files
User log dump files are saved in the /opt/Nastar/var/userlogs/ directory.
l Core files generated by the system
Core files are saved in the /opt/Nastar/var/logs, /opt/esau/var/logs, and /opt/PSSAU/var/
logs directories.
l History trace files
Historical trace files are saved in the /opt/Nastar/var/logs/tracebak, /opt/esau/var/logs/
backup, and /opt/PSSAU/var/logs/backup directories.
Step 2 Delete M2 software upgrade packages and decompressed files.
After the software is successfully upgraded, you can delete the original upgrade packages and
the decompressed files. The upgrade packages and decompressed files are stored in a directory
that is named after the upgrade patch in the /export/home/M2update directory.
Step 3 Perform the following substeps to delete the trace logs of M2 services.
1.
Issue 04 (2013-08-30)
129
2.
3.
4.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
Step 4 Perform the following substeps to delete the trace logs and processed files of eSAU:
1.
2.
3.
Modify the saveDays attribute of the following configuration items in the file to reduce the
time for backing up trace logs and saving the processed files.
In the preceding example, files in /opt/esau/data/eSAUSucceed are successfully processed
and those in /opt/esau/data/eSAUFailed fail to be processed. The system checks the
corresponding directories every 300 seconds. saveDays is the storage duration (days). If
the value exceeds the threshold, the system deletes the earliest trace files in sequence.
<Para path="/opt/esau/data/eSAUSucceed" saveDays="0.5" dirCheckISecs="300"
scriptRoot=""/>
<Para path="/opt/esau/data/eSAUFailed" saveDays="30" dirCheckISecs="300"
scriptRoot=""/>
<Para path="/opt/esau/var/logs/backup " saveDays="30" dirCheckISecs="300"
scriptRoot=""/>
4.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
5.
Run the following commands to restart eSAU services for the setting to take effect.
Issue 04 (2013-08-30)
a.
Stop eSAU services. For detailed operations, see 8.1.12 Stopping eSAU Services.
b.
Start eSAU services. For detailed operations, see 8.1.11 Starting eSAU Services.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
130
Step 5 Perform the following substeps to delete the trace logs and processed files of SAU:
1.
2.
3.
4.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
5.
6.
7.
If you modify the saveDays configuration item under <!-- to delete according to time ->, the system automatically deletes the earliest files in sequence. If you modify the
maxSpace configuration item under <!-- to delete according to size-->, the system scans
the files in the directory. If the value exceeds the threshold, the system deletes the earliest
trace files in sequence.
Modify only the configuration items in bold in the following displayed information:
<?xml version="1.0" encoding="UTF-8"?>
<!--TODO:use XPath tree structure -->
<FileManagerConfig>
<FileDelInfo delaySecs="100" intervalSecs="300">
<!-- to delete according to time -->
<Para path="/opt/PSSAU/var/output/filepath" saveDays="1"
rmSubDir="0" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/M2_MCHR" saveDays="90" rmSubDir="1"
dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/MCounter" saveDays="1" rmSubDir="1"
dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/ReduceMCounter" saveDays="1"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/ftpdir" saveDays="1"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/reduceDir" saveDays="1"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/EDR" saveDays="1" rmSubDir="1"
Issue 04 (2013-08-30)
131
Issue 04 (2013-08-30)
132
8.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
9.
Perform the following substeps to restart SAU services for the setting to take effect.
a.
Stop SAU services. For detailed operations, see 8.1.8 Stopping SAU Services.
b.
Start SAU services. For detailed operations, see 8.1.7 Starting SAU Services.
CAUTION
Before clearing up disk space, check that the files you want to delete are no longer required.
Deleting useful files by mistake might cause abnormal system running.
1.
2.
3.
Delete all files in the /var/tmp directory after you stop M2 services.
l Stop M2 services. For detailed operations, see 8.1.4 Stopping M2 Server Services.
l Restart M2 services. For detailed operations, see 8.1.3 Starting M2 Server Services.
4.
Step 7 Delete the historical data that has been processed by the M2 service process.
1.
2.
Issue 04 (2013-08-30)
133
3.
4.
5.
2.
3.
Optional: If you need to locate the problems, back up the files in the directory.
4.
5.
b.
----End
Prerequisites
You have installed the client software.
Context
l
You are advised not to delete the files generated on the current day.
You are advised not to delete files when the client is running.
Before you delete a file, check that it can be deleted. Deleting useful files by mistake may
lead to system operation errors.
Issue 04 (2013-08-30)
134
Procedure
Step 1 Delete historical trace logs.
NOTE
Clearing up disk space tasks involves deleting historical trace logs on the client.
The historical trace logs are saved in the Installation directory of the client software\client
\tracefile directory.
----End
Issue 04 (2013-08-30)
135
11
Issue 04 (2013-08-30)
136
Content
Backup
contents
l Database imapdb
Backup
mode
Periodic backup: Set any day in a week to perform full backup. After the
periodic backup is activated, the system performs a round of full backup every
week. When a new round of full backup is performed, all the backup files of
the previous round are deleted automatically.
Storage
medium
Hard disk
Directory of
backup files
After the backup is performed, the backup contents are automatically packaged as a backup file.
137
NOTE
After the system performs backup, the latest backup information is recorded in the /export/home/
backup/omc/backupstate.log file. The information contains the date on which the backup file is
generated, directory for storing the backup file, and the file name.
During the data backup, the all-YYYYMMDDhhmmss folder is generated in the /export/home/
backup/omc directory for storing backup files. When the data backup is complete, the folder is
compressed into the all-YYYYMMDDhhmmss.tar file, and the all-YYYYMMDDhhmmss folder is
automatically deleted.
Content
Backup
contents
Backup
mode
Manual backup
Storage
medium
Hard disk
Directory of
backup files
After the backup is performed, the backup contents are automatically packaged as a backup file.
Issue 04 (2013-08-30)
138
Content
Backup
contents
Backup
mode
Manual backup
Storage
medium
Hard disk
Directory of
backup files
/export/home/backup/esau
After the backup is performed, the backup contents are automatically packaged as a backup file.
139
Content
Backup
contents
Backup
mode
Manual backup
Storage
medium
Hard disk
Directory of
backup files
After the backup is performed, the backup contents are automatically packaged as a backup file.
Prerequisites
l
The hard disk where you want to back up the dynamic data has sufficient free space.
Issue 04 (2013-08-30)
140
Context
Generally, M2 dynamic data is backed up periodically. The periodic backup of the dynamic data
is performed in full backup mode.
Dynamic data backup has no restriction on backup time. The backup can be performed when
the system is running.
Procedure
Step 1 Choose Maintenance > Task Management.
The Task Management window is displayed.
Step 2 Choose Task Type > Backup > Server Backup, and then double-click the Server Backup
node in the navigation tree in the left.
The Attribute dialog box is displayed, as shown in Figure 11-1.
Figure 11-1 Periodic backup (1)
Step 3 Click the Common Parameters tab, and then set Task Name and Start Time.
Step 4 Click the Extended Parameters tab, and then set Backup Medium, as shown in Figure 11-2.
Issue 04 (2013-08-30)
141
Currently, M2 supports backup using only hard disks. When you use a hard disk as the backup medium,
log in to M2 server and check whether the all-YYYYMMDDhhmmss.tar file is available in /export/home/
backup/omc/.
----End
Prerequisites
l
The backup files for restoring the M2 dynamic data are obtained.
Context
Based on the latest full backup files of the M2, you can restore the M2 system data. After you
perform the restoration operation, all the contents in the backup file package are restored.
Issue 04 (2013-08-30)
142
CAUTION
M2 services are stopped if you perform dynamic data restore operations. M2 server cannot
process the data reported by the agent during this period.
Procedure
Step 1 Run the following commands to copy the backup files to a hard disk if the backup files are stored
on a tape. Skip this step and go to Step 3 if the backup files are stored on a hard disk.
# cd /
# tar xvf /dev/st0
If the following message is displayed during the execution of the commands, ignore the message.
tar: Removing the initial "/" from member names
CAUTION
The decompressed file is stored in the same path as the compressed one. The save path of the
decompressed file is irrelevant to the path where you perform the decompression operation.
Step 2 Stop M2 system services.
You can check whether the M2 one-click installation packge
M2V100R002C00SPC400OneKeyInstall_pkg.tar or one-click script svc_stop.sh is available
in the /export/home/m2install directory by running ls /export/home/m2install.
l Stop M2 system services by referring to 13.4 How Do I Stop M2 System Services? (OneClick) if at least one of the above is available.
l Stop M2 system services by referring to 13.6 How Do I Stop M2 System Services? if neither
of them is available.
Step 3 Restart the Oracle database.
For details about how to stop and start Oracle services, see 9.1.4 Stopping Oracle and 9.1.3
Staring Oracle respectively.
Step 4 Log in to the server as user omcuser to restore M2 system dynamic data.
1.
Decompress the backup file that contains the dynamic data you want to restore.
~> cd /export/home/backup/omc/
~> tar xvf /export/home/backup/omc/name of the dynamic data backup file -C /
For example, before restoring the full dynamic data backup file generated on 18:06:22
2008-01-30, you need to decompress the relevant package.
~> tar xvf /export/home/backup/omc/all-20080130180622.tar -C /
Issue 04 (2013-08-30)
143
You need to decompress the relevant package regardless of whether the file to be restored is a full
backup file or an incremental backup file.
2.
3.
4.
When the system displays the following message, type the password of user sys of the
database.
Note: Enter q/Q to exit this tool.
Please input the supperuser's password of database[default:dbpasswd]:
NOTE
5.
When the system displays the following message, type 1 to start restoring dynamic data.
Please make a choice[1-2]:
After the restoration is complete, the system displays Operation succeeds
Prerequisites
l
Issue 04 (2013-08-30)
144
Dynamic data backup has no restriction on backup time. The backup can be performed
when the system is running.
Context
Procedure
Step 1 Log in to the server as user root.
Step 2 Run the following commands to back up dynamic data to the specified directory.
# cd /opt/PSSAU/script/admin
# sh backupdata.sh
NOTE
Prerequisites
l
The backup files for restoring the SAU dynamic data are obtained.
Context
Based on the latest full backup files of the SAU, you can restore the SAU system data. After
you perform the restoration operation, all the contents in the backup file package are restored.
Stop SAU services when you restore the dynamic data.
Procedure
Step 1 Log in to the server as user root.
Step 2 Perform the following substeps to stop SAU services:
1.
Check that the SAU services are running properly. For detailed operations, see 8.1.6
Checking SAU Service Status.
2.
Stop SAU services. For detailed operations, see 8.1.8 Stopping SAU Services.
145
1.
2.
Enter the save path of the dynamic data, and press Enter.
For example, enter the following if the path of the backup package is /export/home/
backup/pssau:
/export/home/backup/pssau
3.
Enter the file name of the dynamic data, and press Enter.
For example, enter the following if the name of the backup package is ddYYYYMMDDhhmmss.tar:
dd-YYYYMMDDhhmmss.tar
Step 4 Start SAU services. For detailed operations, see 8.1.7 Starting SAU Services.
----End
Prerequisites
l
Dynamic data backup has no restriction on backup time. The backup can be performed
when the system is running.
Context
Procedure
Step 1 Log in to the server as user root.
Step 2 Run the following commands to back up dynamic data to the specified directory.
# cd /opt/esau/script/admin
# sh backupdata.sh
NOTE
Issue 04 (2013-08-30)
146
Prerequisites
l
The backup files for restoring the eSAU dynamic data are obtained.
Context
Based on the latest full backup files of the eSAU, you can restore the eSAU system data. After
you perform the restoration operation, all the contents in the backup file package are restored.
Stop eSAU services when you restore the dynamic data.
Procedure
Step 1 Log in to the server as user root.
Step 2 Perform the following substeps to stop eSAU services:
1.
Check that the eSAU services are running properly. For detailed operations, see 8.1.10
Checking eSAU Service Status.
2.
Stop eSAU services. For detailed operations, see 8.1.12 Stopping eSAU Services.
2.
Enter the save path of the dynamic data, and press Enter.
For example, enter the following if the path of the backup package is /export/home/
backup/esau:
/export/home/backup/esau
3.
Enter the file name of the dynamic data, and press Enter.
For example, enter the following if the name of the backup package is ddYYYYMMDDhhmmss.tar:
dd-YYYYMMDDhhmmss.tar
Issue 04 (2013-08-30)
147
Step 4 Start eSAU services. For detailed operations, see 8.1.11 Starting eSAU Services.
----End
Prerequisites
l
Dynamic data backup has no restriction on backup time. The backup can be performed
when the system is running.
Context
Procedure
Step 1 Use PuTTY to log in to the server in SSH mode as user root
Step 2 Run the following commands to created the backup directories /export/home/gaussdb/
backup and /export/home/agents/backup.
# mkdir -p /export/home/agents/backup
# mkdir -p /export/home/gaussdb/backup
Step 3 Run the following commands to modify the owner of /export/home/gaussdb to gaussdba and
the group to omcsysm.
# chown -R gaussdba.omcsysm /export/home/gaussdb
Step 4 Run the following commands to modify the owner of /export/home/agents to omcuser and the
group to omcsysm.
# chown -R omcuser.omcsysm /export/home/agents
Step 5 Run the su - gaussdba command to switch to user gaussdba.
Step 6 Run the following commands to back up Agent Server system database:
~> cd /export/home/gaussdb/backup
~> tar -C /opt/gaussdb -cf /export/home/gaussdb/backup/ams-`date "+%Y%m%d%H%M%
s"`.tar data
If the ams-YYYYMMDDhhmmss.tar file is generated in the current /export/home/gaussdb/
backup directory after the commands are executed, the Agent Server database backup succeeds.
Otherwise, the backup fails.
Step 7 Run the su - omcuser command to switch to user omcuser.
Step 8 Run the following commands to back up Agent Server system dynamic data:
~> cd /export/home/agents/backup
Issue 04 (2013-08-30)
148
Prerequisites
l
The backup files for restoring the Agent Server dynamic data are obtained.
Context
Based on the latest full backup files of the Agent Server, you can restore the Agent Server system
data. After you perform the restoration operation, all the contents in the backup file package are
restored.
Stop Agent Server service when you restore the dynamic data.
Procedure
Step 1 Perform the following substeps to stop Agent Server service:
1.
Check that the Agent Server service is running properly. For detailed operations, see 8.2.2
Checking Agent Server Service Status.
2.
Stop Agent Server service. For detailed operations, see 8.2.4 Stopping the Agent Server
Service.
149
Step 5 Run the following command to restore the Agent Server configuration data:
~> cd /export/home/agents/backup
~> tar -xvf agentServer-YYYYMMDDhhmmss.tar -C /opt/Nastar/webapps/
agentServer-YYYYMMDDhhmmss.tar is the name of the file you want to restore.
Step 6 Start Agent Server service. For detailed operations, see 8.2.3 Starting the Agent Server
Service.
----End
Issue 04 (2013-08-30)
150
12
Issue 04 (2013-08-30)
151
Issue 04 (2013-08-30)
Reference
Daily
Checking M2 logs
Checking M2 service
status
152
Reference
Checking GaussDB
database status
Weekly
Monthly
Prerequisites
l
Context
Normally, the CPU usage should be less than 80%.
Issue 04 (2013-08-30)
153
Procedure
l
2.
On theServer Monitor tab page of the System Monitor Browser window, view
Usage(%).
2.
USER
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
root
PR
15
16
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
34
RT
NI
0
0
0
19
0
19
0
19
0
19
0
19
0
19
0
19
0
19
0
19
0
19
0
19
0
19
0
VIRT RES
5916 1524
800 292
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
SHR
792
244
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
S %CPU %MEM
R
5 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
S
0 0.0
TIME+
0:00.08
0:26.06
0:02.02
0:00.13
0:00.04
0:00.16
0:00.04
0:00.18
0:00.04
0:00.08
0:00.83
0:00.26
0:00.07
0:00.15
0:00.02
0:00.08
0:00.04
0:00.09
0:01.20
0:00.10
0:00.02
0:00.12
0:00.06
0:00.05
0:00.04
0:00.06
0:00.87
COMMAND
top
init
migration/0
ksoftirqd/0
migration/1
ksoftirqd/1
migration/2
ksoftirqd/2
migration/3
ksoftirqd/3
migration/4
ksoftirqd/4
migration/5
ksoftirqd/5
migration/6
ksoftirqd/6
migration/7
ksoftirqd/7
migration/8
ksoftirqd/8
migration/9
ksoftirqd/9
migration/10
ksoftirqd/10
migration/11
ksoftirqd/11
migration/12
----End
154
Procedure
Step 1 Log in to the server as user omcuser.
l If you have logged in to the server as another user, you can run the su - omcuser command
in the command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command is executed, type the
password of user omcuser.
Step 2 Run the following command to navigate to the /opt/Nastar/var/logs directory.
~> cd /opt/Nastar/var/logs
Step 3 Run the following command to check whether there is any file whose name starts with "core"
in this directory.
~> ls -ltr core*
l Delete the files whose names start with "core" and that are generated one week ago or earlier.
l If there are core files generated within one week in the directory, contact Huawei technical
support engineers.
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following command to navigate to the /opt/PSSAU/var/logs directory.
~> cd /opt/PSSAU/var/logs
Step 3 Run the following command to check whether there is any file whose name starts with "core"
in this directory.
~> ls -ltr core*
l Delete the files whose names start with "core" and that are generated one week ago or earlier.
l If there are core files generated within one week in the directory, contact Huawei technical
support engineers.
----End
Procedure
Step 1 Log in to the server as user omcuser.
Issue 04 (2013-08-30)
155
Procedure
Step 1 Log in to the server as user root.
Step 2 Run the following command to check whether the files contain error information:
# more /var/log/messages
In normal cases, the logs do not contain the err or failed messages.
Step 3 Run the following command to check whether the logs in the memory contain error information.
# dmesg
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check whether there are errors in the /opt/Nastar/var/logs
directory.
~> cd /opt/Nastar/var/logs
~> grep ERROR*
l Collect corresponding log files if you can identify the processes with errors at the site. If this
occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3.
Issue 04 (2013-08-30)
156
Step 3 Optional: Run the following commands to pack M2 log files. Then contact Huawei technical
support engineers.
~> cd /opt/Nastar/var
~> tar zcvf error.tar.gz logs
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check whether there are errors in the /opt/Nastar/var/logs
directory.
~> cd /opt/PSSAU/var/logs
~> grep ERROR*
l Collect corresponding log files if you can identify which processes are abnormal onsite. If
this occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3.
Step 3 Optional: Run the following commands to compress the log files. Then contact Huawei
technical support engineers.
~> cd /opt/PSSAU/var
~> tar -zcvf error.tar.gz logs
Step 4 Run the following commands to check the error logs upon BS script execution.
~> cd /opt/PSSAU/var/output/log
~> grep ERROR*
l Collect corresponding log files if you can identify the processes with errors at the site. If this
occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3 again to pack the log files. Then contact Huawei technical support
engineers.
----End
Procedure
Step 1 Log in to the server as user omcuser.
Issue 04 (2013-08-30)
157
Step 2 Run the following commands to check whether there are errors in the /opt/esau/var/logs
directory.
~> cd /opt/esau/var/logs
~> grep ERROR*
l Collect corresponding log files if you can identify which processes are abnormal onsite. If
this occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3.
Step 3 Optional: Run the following commands to compress the log files. Then contact Huawei
technical support engineers.
~> cd /opt/esau/var
~> tar -zcvf error.tar.gz logs
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check whether there are errors in the /opt/Nastar/tomcat/
logs directory.
~> cd /opt/Nastar/tomcat/logs
~> grep ERROR*
l Collect corresponding log files if you can identify which processes are abnormal onsite. If
this occurs, contact Huawei technical support engineers.
l Otherwise, perform Step 3.
Step 3 Optional: Run the following commands to pack the log files. Then contact Huawei technical
support engineers.
~> cd /opt/Nastar/tomcat
~> tar zcvf err.tar.gz logs
----End
Prerequisites
l
Issue 04 (2013-08-30)
158
Procedure
1.
2.
On the Service Monitor tab page of the System Monitor Browser window, check
the service status of the server.
If a service is abnormal, the icon for this service is displayed in red.
In the System Monitor Browser window, right-click any area. In the displayed
shortcut menu, select Refresh to refresh the current window.
l If you have logged in to the server as another user, you can run the su - omcuser command
in the command terminal window to switch to user omcuser.
l If you are required to type a password after the su - omcuser command runs, type the
password of user omcuser.
2.
3.
The M2 may dynamically generate processes and services when it is running. The number of
processes and services queried each time may be different.
----End
159
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check SAU services:
~> cd /opt/PSSAU
~> . ./svc_profile.sh
~> ps_query
When the following or similar information is displayed, SAU services are running.
Service Agent: PSau.Calculator [1 service(s)] pid: 24663
PSau.Calculator
[running]
Service Agent: PSau.Collector [1 service(s)] pid: 24692
PSau.Collector
[running]
Service Agent: PSau.Controller [1 service(s)] pid: 24556
PSau.Controller
[running]
Service Agent: SysMonitor [1 service(s)] pid: 24589
SysMonitor
[running]
[All Services: 4 ] [Running: 4] [Not Running: 0 ]
NOTE
l In the displayed information, if the state of the service is Running, the service operate properly.
l In the displayed information, if the state of the service is Not Running, the service is abnormal.
l At the end of the displayed information, if the value of Not Running is 0, all the SAU services operate
properly. Otherwise, some SAU services have not started.
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to view eSAU service status:
~> cd /opt/esau
~> . ./svc_profile.sh
~> esau_ps
When the following or similar information is displayed, eSAU services are running.
Monitor...........................running
eSAU...........................running
SysMonitor.....................running
[All Services: 3] [Running: 3] [Not Running: 0 ]
Issue 04 (2013-08-30)
160
NOTE
l In the displayed information, if the state of the service is Running, you can infer that the service operate
properly.
l In the displayed information, if the state of the service is Not Running, you can infer that the service
is abnormal.
l At the end of the displayed information, if the value of Not Running is 0, you can infer that all the
eSAU services operate properly. Otherwise, some eSAU services have not been started.
----End
Procedure
Step 1 Log in to the server as user omcuser.
Step 2 Run the following commands to check Agent Server service status:
~> cd /opt/Nastar
~> . ./svc_profile.sh
~> cd tomcat
~> . service.sh status
service is running.
l In the displayed information, if the state of the service is running, the service operate
properly.
l In the displayed information, if the state of the service is not running, the service is abnormal.
----End
Prerequisites
l
If the database usage exceeds the preset threshold, the icon of this item is displayed in red.
You can right-click in the System Monitor Browser window and choose Refresh from
the shortcut menu to refresh the current window.
Context
Issue 04 (2013-08-30)
161
Procedure
l
2.
On the Database Monitor tab page of the System Monitor Browser window, check
the usage of the Oracle database.
2.
Run the following command to check whether Oracle database services are started:
# ps -fu oracle
UID PID PPID C STIME TTY TIME CMD
Oracle 5141 1 0 21:36 ? 00:00:00 ora_pmon_imapdb
....
Oracle 5157 1 0 21:36 ? 00:00:00 ora_dbw0_imapdb
...
Oracle 5165 1 0 21:36 ? 00:00:00 ora_lgwr_imapdb
Oracle 5167 1 0 21:36 ? 00:00:00 ora_ckpt_imapdb
Oracle 5169 1 0 21:36 ? 00:00:00 ora_smon_imapdb
...
Oracle 5197 1 0 21:36 ? 00:00:00 ora_arc0_imapdb
...
/opt/oracle/oradb/home/bin/tnslsnr LISTENER -inherit
If the command result contains at least the following six processes, Oracle database
services and listening services are running normally.
ora_pmon_ imapdb
ora_dbw0_ imapdb
ora_lgwr_ imapdb
ora_ckpt_ imapdb
ora_smon_ imapdb
/opt/oracle/oradb/home/bin/tnslsnr
If no command output is displayed, Oracle database services are not started
properly. Start database services by referring to 9.1.3 Staring Oracle.
----End
Prerequisites
You have started the Agent Server service. To check whether Agent Server service are started,
see 8.2.2 Checking Agent Server Service Status.
Procedure
Step 1 Log in to the server as user gaussdba.
Issue 04 (2013-08-30)
162
l If you have logged in to the server as another user, you can run the su - gaussdba command
in the command terminal window to switch to user gaussdba.
l If you are required to type a password after the su - gaussdba command runs, type the
password of user gaussdba.
Step 2 Run the following command to navigate to the home directory:
~> cd ~
Step 3 Run the following command to check GaussDB database status.
~> gs_ctl query
If the information similar to the following is displayed, GaussDB database services are started.
Otherwise, GaussDB database services are not started.
Ha state:
LOCAL_ROLE
STATIC_CONNECTIONS
DB_STATE
DETAIL_INFORMATION
:
:
:
:
Normal
0
Normal
Normal
----End
Prerequisites
l
In normal cases, the usage of each disk partition should be lower than 80%.
The space available on each disk partition must be sufficient to back up the M2.
Context
Procedure
1.
Issue 04 (2013-08-30)
163
2.
l
In the System Monitor Browser window, click the Hard Disk Monitor tab to view
the disk usage of the server.
Log in to the server as user root and run the following command to view the hard disk
usage.
# df -k
2.
----End
Procedure
Step 1 Log in to the server as user root, and then run the following command to check the time of the
server.
# date
The server time is displayed, for example:
Wed Aug 29 14:57:51 CST 2012
Step 2 Change the server time by referring to 2.2 Changing the Date and Time of the Server if it is
incorrect.
----End
Context
During the routine operation and maintenance, back up and delete the following files:
l
Trace logs
Issue 04 (2013-08-30)
164
CAUTION
You can delete files when the server is running. Before deleting files, run the ls -l command to
check the time when the files were generated. Do not delete the files generated on the current
day.
Procedure
Step 1 Export the files containing the information about the M2 server and back up the files to a local
hard disk.
The following files are included:
l User log files
User log dump files are saved in the /opt/Nastar/var/userlogs/ directory.
l Core files generated by the system
Core files are saved in the /opt/Nastar/var/logs, /opt/esau/var/logs, and /opt/PSSAU/var/
logs directories.
l History trace files
Historical trace files are saved in the /opt/Nastar/var/logs/tracebak, /opt/esau/var/logs/
backup, and /opt/PSSAU/var/logs/backup directories.
Step 2 Delete M2 software upgrade packages and decompressed files.
After the software is successfully upgraded, you can delete the original upgrade packages and
the decompressed files. The upgrade packages and decompressed files are stored in a directory
that is named after the upgrade patch in the /export/home/M2update directory.
Step 3 Perform the following substeps to delete the trace logs of M2 services.
1.
2.
3.
Issue 04 (2013-08-30)
165
4.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
Step 4 Perform the following substeps to delete the trace logs and processed files of eSAU:
1.
2.
3.
Modify the saveDays attribute of the following configuration items in the file to reduce the
time for backing up trace logs and saving the processed files.
In the preceding example, files in /opt/esau/data/eSAUSucceed are successfully processed
and those in /opt/esau/data/eSAUFailed fail to be processed. The system checks the
corresponding directories every 300 seconds. saveDays is the storage duration (days). If
the value exceeds the threshold, the system deletes the earliest trace files in sequence.
<Para path="/opt/esau/data/eSAUSucceed" saveDays="0.5" dirCheckISecs="300"
scriptRoot=""/>
<Para path="/opt/esau/data/eSAUFailed" saveDays="30" dirCheckISecs="300"
scriptRoot=""/>
<Para path="/opt/esau/var/logs/backup " saveDays="30" dirCheckISecs="300"
scriptRoot=""/>
4.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
5.
Run the following commands to restart eSAU services for the setting to take effect.
a.
Stop eSAU services. For detailed operations, see 8.1.12 Stopping eSAU Services.
b.
Start eSAU services. For detailed operations, see 8.1.11 Starting eSAU Services.
Step 5 Perform the following substeps to delete the trace logs and processed files of SAU:
1.
2.
3.
Issue 04 (2013-08-30)
166
4.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
5.
6.
7.
If you modify the saveDays configuration item under <!-- to delete according to time ->, the system automatically deletes the earliest files in sequence. If you modify the
maxSpace configuration item under <!-- to delete according to size-->, the system scans
the files in the directory. If the value exceeds the threshold, the system deletes the earliest
trace files in sequence.
Modify only the configuration items in bold in the following displayed information:
<?xml version="1.0" encoding="UTF-8"?>
<!--TODO:use XPath tree structure -->
<FileManagerConfig>
<FileDelInfo delaySecs="100" intervalSecs="300">
<!-- to delete according to time -->
<Para path="/opt/PSSAU/var/output/filepath" saveDays="1"
rmSubDir="0" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/M2_MCHR" saveDays="90" rmSubDir="1"
dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/MCounter" saveDays="1" rmSubDir="1"
dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/ReduceMCounter" saveDays="1"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/ftpdir" saveDays="1"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/reduceDir" saveDays="1"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/EDR" saveDays="1" rmSubDir="1"
dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/PCRF/master" saveDays="3"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/data/PCRF/cu" saveDays="0.125"
rmSubDir="0" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/db/PCRF_QUOTA_INDEX"
saveDays="0.125" rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/db/PCRF_SUBSCRIBER_INDEX"
saveDays="0.125" rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/logupload" saveDays="0.125"
rmSubDir="1" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/logs" saveDays="10" rmSubDir="0"
dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/output/log" saveDays="10"
rmSubDir="0" dirCheckISecs="300"/>
<Para path="/opt/PSSAU/var/operation" saveDays="10"
rmSubDir="0" dirCheckISecs="300"/>
<Para path="/var/logs" saveDays="10" rmSubDir="1"
dirCheckISecs="300"/>
<!--to delete according to size -->
<FilePathGrp name="COUNTER" maxSpace="50" cleanupPercent="50"
> <!--maxSpace:Gb-->
<Para path="/opt/PSSAU/var/output/filepath" saveDays="1"
rmSubDir="0" dirCheckISecs="300"/>
Issue 04 (2013-08-30)
167
8.
Press Esc after the change is complete. Run the command :wq! and press Enter to save
the change and exit the vi editor.
9.
Perform the following substeps to restart SAU services for the setting to take effect.
Issue 04 (2013-08-30)
a.
Stop SAU services. For detailed operations, see 8.1.8 Stopping SAU Services.
b.
Start SAU services. For detailed operations, see 8.1.7 Starting SAU Services.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
168
CAUTION
Before clearing up disk space, check that the files you want to delete are no longer required.
Deleting useful files by mistake might cause abnormal system running.
1.
2.
3.
Delete all files in the /var/tmp directory after you stop M2 services.
l Stop M2 services. For detailed operations, see 8.1.4 Stopping M2 Server Services.
l Restart M2 services. For detailed operations, see 8.1.3 Starting M2 Server Services.
4.
Step 7 Delete the historical data that has been processed by the M2 service process.
1.
2.
3.
4.
5.
2.
3.
Optional: If you need to locate the problems, back up the files in the directory.
4.
5.
Issue 04 (2013-08-30)
169
~> cd /opt/Nastar/
~> . ./svc_profile.sh
~> cd /opt/Nastar/tomcat
~> . service.sh stop
b.
----End
Prerequisites
You have installed the client software.
Context
l
You are advised not to delete the files generated on the current day.
You are advised not to delete files when the client is running.
Before you delete a file, check that it can be deleted. Deleting useful files by mistake may
lead to system operation errors.
Procedure
Step 1 Delete historical trace logs.
NOTE
Clearing up disk space tasks involves deleting historical trace logs on the client.
The historical trace logs are saved in the Installation directory of the client software\client
\tracefile directory.
----End
Issue 04 (2013-08-30)
170
Procedure
Step 1 Log in to the M2 client as user admin.
Step 2 Choose Security > Security Management.
Step 3 Set the rights of M2 users in the Security Management window.
Adhere to the following principles when you set user rights:
l Delete expired user accounts in time.
l Classify users into different user groups based on user rights, and then assign rights to user
groups instead of users. This minimizes the impact on the performance of the M2 system.
----End
Procedure
Step 1 Check the power supply indicators on the server and the monitor.
In normal cases, all power supply indicators are on and green and all fault indicators are off.
Step 2 To view the power supply failure information recorded in the recent logs by the SUSE Linux
operating system, run the following commands:
# more /var/log/messages
# more /var/log/warn
In normal cases, the logs do not contain any power supply failure information.
Step 3 Check that the power supply of the server works properly.
In normal cases, all the indicators of the external power supply are on and green, and all the fault
indicators are off.
----End
Prerequisites
l
Issue 04 (2013-08-30)
171
Context
A message is displayed one week before the license expires.
Procedure
Step 1 In the main menu, choose Help > License Management > License Information.
Step 2 The expiry time of the M2 license is displayed in the first row of the Resource Control Item
table in the License Information dialog box, as shown in Figure 12-1.
Figure 12-1 License information
----End
Issue 04 (2013-08-30)
172
13 FAQs
13
FAQs
Issue 04 (2013-08-30)
173
13 FAQs
Prerequisites
l
You have contacted Huawei technical support engineers to obtain PuTTY at http://
support.huawei.com.
Path for Huawei technical support to download the software at http://
support.huawei.com: Software Center > Controlled Tool > Core Network Line >
Wireless OSS > iManager M2000-II > Public Tools.
Context
CAUTION
After operating system hardening is performed, if you fail to log in to the server as user root in
password authentication mode using SSH, you can log in to the server as a user other than
root, for example, user omcuser, in SSH mode. Then, run the su - root command to switch to
user root.
Procedure
Step 1 Decompress PuTTY.zip. In the decompressed folder, double-click putty.exe. A dialog box is
displayed, as shown in Figure 13-1.
Issue 04 (2013-08-30)
174
13 FAQs
Step 2 Optional: To record operation logs, choose Session > Logging from the left navigation tree,
select Log all session output in the Session logging area, and set the save path of the operation
logs in the Log file name area, as shown in Figure 13-2.
Issue 04 (2013-08-30)
175
13 FAQs
Step 3 Choose Session in the left pane, select SSH in the right pane, enter server IP address in Host
Name (or IP Address), and then click Open to log in to the server, as shown in Figure 13-3.
When PuTTY is started for the first time, the PuTTY Security Alert dialog may be displayed.
Click Yes to continue.
Issue 04 (2013-08-30)
176
13 FAQs
Step 4 Type the user name and password for the server to log in to the server as prompted.
login as: root
root@10.148.63.155's password:
Last login: Wed Dec 21 14:04:49 2011 from 192.168.128.100
You are trying to access a restricted zone. Only Authorized Users allowed.
----End
Prerequisites
l
You have obtained the file to be uploaded to the server and have saved the file to the PC.
You have contacted Huawei technical support engineers to obtain FileZilla.zip at http://
support.huawei.com and decompressed it to the PC.
Issue 04 (2013-08-30)
177
13 FAQs
Procedure
Step 1 Double-click filezilla.exe to start the tool.
Step 2 In the upper left area of the FileZilla window, click
Step 3 In the lower left area of the Site Manager dialog box, click New Site.
Step 4 On the General tab page, set site parameters according to Table 13-1.
Table 13-1 Parameters in the Site Manager dialog box
Parameter
Description
Host
Port
22
Port 22 is the default port for SFTP transfer.
Server type
SFTP
Logon type
Normal
User
Enter the user name and password of the destination server. The user has
permission to access the destination directory.
Password
NOTE
l If the user uploads or downloads files, the user must also have the permission to
upload from or download to the destination directory.
l If you cannot connect to the server through SFTP as user root using the FileZilla
after operating system security hardening is performed. To connect to the server
through SFTP, you can use a user account other than root, for example, omcuser.
l You can ignore the dialog box displayed during the connection. Click OK in the dialog box.
l After the connection is successful, the Remote Site area displays directory information on the remote
server.
Step 6 In the Remote site area, set the destination directory on the server. For example, /opt.
After you set the directory, the Remote site area displays all files stored in this directory.
Step 7 In the Local site area, set the source directory on the PC. For example, D:\FILE.
After you set the directory, the Local site area displays all files stored in this directory.
Step 8 Perform the following operations as required.
Issue 04 (2013-08-30)
178
13 FAQs
Purpose
Operation
Upload files
In the Local site area, right-click the file to be uploaded and choose
Upload from the shortcut menu.
Download files
In the Remote site area, right-click the file to be downloaded and choose
Download from the shortcut menu.
TIP
If the upload or download fails, click the Failed transfers tab in the lower left area of the FileZilla window.
Then right-click the file that fails to be transferred and choose Reset and requeue selected files from the
shortcut menu to resume the file transfer.
----End
Question
How do I start M2 system services using the one-click script?
Answer
NOTE
Perform the following steps to start M2 system services if at least one of the above is available.
Start M2 system services by referring to 13.5 How Do I Start M2 System Services? if neither of
them is available.
Step 1 Optional: Log in to the server as user root. Then, run the following commands to decompress
one-click installation packge:
# cd /export/home/m2install
# tar -xvf M2V100R002C00SPC400OneKeyInstall_pkg.tar
Step 2 Check that the Oracle database services are started properly.
1.
Check Oracle database service status. For detailed operations, see 9.1.2 Checking Oracle
Database Running Status.
2.
Start Oracle database services if they are not normally started. For detailed operations, see
9.1.3 Staring Oracle.
179
13 FAQs
Question
How do I stop M2 system services using the one-click script?
Answer
NOTE
Perform the following steps to stop M2 system services if at least one of the above is available.
Stop M2 system services by referring to 13.6 How Do I Stop M2 System Services? if neither of
them is available.
Step 1 Optional: Log in to the server as user root. Then, run the following commands to decompress
one-click installation packge:
# cd /export/home/m2install
# tar -xvf M2V100R002C00SPC400OneKeyInstall_pkg.tar
Step 2 Log in to the server as user omcuser.
Step 3 Run the following commands to stop M2 system services:
~> cd /export/home/m2install
~> sh svc_stop.sh
When the following information is displayed, type yes.
Warning : you are going to stop all products' services
Are you going to continue [yes/no]: yes
Issue 04 (2013-08-30)
180
13 FAQs
If the following information is displayed, all the services are stopped. Otherwise, perform Step
4 to forcibly stop services.
PSSAU
.......... [OK]
eSAU
.......... [OK]
M2Server .......... [OK]
Step 4 Perform the following step to forcibly stop M2 services if you fail to stop the services in Step
3. Otherwise, skip this step.
1.
2.
3.
4.
Run the following command to check whether the TAO process is stopped:
~> ps -ef |grep 9999 |grep -v grep
l If no command output is displayed, the TAO process has been stopped.
l If there is any command output, the TAO process has not been stopped. If this occurs,
run the following command to forcibly stop the TAO process:
~> kill 9 Process ID
Process ID in the preceding command indicates the process ID in the second column
of the command output.
----End
Question
How do I start M2 system services?
Issue 04 (2013-08-30)
181
13 FAQs
Answer
NOTE
Start M2 system services by referring to 13.3 How Do I Start M2 System Services? (One-Click)
if at least one of the above is available.
Perform the following steps to start M2 system services if neither of them is available.
Log in to the server as user omcuser, and then run the following command to navigate to
the installation directory of the M2 server software (the default installation directory of the
M2 server software is /opt/Nastar):
~> cd /opt/Nastar
2.
3.
Run the following command to check whether all M2 services are stared.
~> svc_adm -cmd status
Check the value of the parameter Not Running: If the parameter value is 0, all services
are normally started. Otherwise, some M2 services are not started.
2.
3.
Run the following command to check whether all eSAU services are stared.
~> esau_ps
Check the value of the parameter Not Running: If the parameter value is 0, all services
are normally started. Otherwise, some eSAU services are not started.
2.
3.
Issue 04 (2013-08-30)
Run the following command to check whether all SAU services are stared.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
182
13 FAQs
~> ps_query
Check the value of the parameter Not Running: If the parameter value is 0, all services
are normally started. Otherwise, some SAU services are not started.
Step 4 Start Agent Server service.
1.
Log in to the server as user omcuser, and then run the following command to navigate to
the installation directory of the M2 server software (the default installation directory of the
M2 server software is /opt/Nastar):
~> cd /opt/Nastar
2.
2.
----End
Question
How do I stop M2 system services?
Issue 04 (2013-08-30)
183
13 FAQs
Answer
NOTE
Stop M2 system services by referring to 13.4 How Do I Stop M2 System Services? (One-Click) if
at least one of the above is available.
Perform the following steps to stop M2 system services if neither of them is available.
Log in to the server as user omcuser, and then run the following command to navigate to
the installation directory of the M2 server software (the default installation directory of the
M2 server software is /opt/Nastar):
~> cd /opt/Nastar
2.
3.
Run the following command to check whether the service processes are stopped:
~> svc_ps
l If no command result is displayed, the service processes are stopped.
l If any command result is displayed, run the kill_svc command to forcibly stop the
running service processes.
4.
5.
Run the following command to check whether the daemon process is stopped:
~> daem_ps
l If no command result is displayed, the daemon process is stopped.
l If any command result is displayed, run the kill_daem command to forcibly stop the
daemon.
6.
Run the following command to check whether the TAO process is stopped:
~> ps -ef |grep 9999 |grep -v grep
l If no command result is displayed, the TAO process is stopped.
l If any command result is displayed, run the stop_tao_services command to forcibly
stop the TAO process.
2.
Issue 04 (2013-08-30)
184
13 FAQs
~> esau_stop
3.
Run the following command to ensure that all eSAU services have stopped:
~> esau_ps
Information similar to the following is displayed:
Monitor............................not running
eSAU...............................not running
SysMonitor.........................not running
[All Services: 3 ] [Running: 0 ] [Not Running: 3 ]
2.
3.
Run the following command to ensure that all SAU services have stopped:
~> ps_query
l If no command output is displayed, the SAU services have stopped.
l If any command output is displayed, run the ps_kill command to forcibly stop the
services.
Log in to the server as user omcuser, and then run the following command to navigate to
the installation directory of the M2 server software (the default installation directory of the
M2 server software is /opt/Nastar):
~> cd /opt/Nastar
2.
Issue 04 (2013-08-30)
185
13 FAQs
~> su - gaussdba
2.
----End
Issue 04 (2013-08-30)
186