Veritas NetBackup™ Logging Reference Guide

Last Published:
Product(s): NetBackup (9.0.0.1, 9.0)
  1. Using logs
    1.  
      About logging
    2.  
      Logging levels
    3.  
      Log retention and log size
    4. Changing the logging levels
      1.  
        Set the Media Manager debug logging to a higher level
      2.  
        Changing the logging level on Windows clients
    5. About unified logging
      1.  
        Gathering unified logs for NetBackup
      2.  
        Types of unified logging messages
      3.  
        File name format for unified logging
      4.  
        Originator IDs for the entities that use unified logging
      5.  
        About changing the location of unified log files
      6.  
        About rolling over unified log files
      7.  
        About recycling unified log files
      8.  
        About using the vxlogview command to view unified logs
      9.  
        Examples of using vxlogview to view unified logs
      10.  
        Examples of using vxlogmgr to manage unified logs
      11.  
        Examples of using vxlogcfg to configure unified logs
    6. About legacy logging
      1.  
        UNIX client processes that use legacy logging
      2.  
        PC client processes that use legacy logging
      3.  
        File name format for legacy logging
      4.  
        Directory names for legacy debug logs for servers
      5.  
        Directory names for legacy debug logs for media and device management
      6.  
        How to control the amount of information written to legacy logging files
      7.  
        About limiting the size and the retention of legacy logs
      8.  
        Configuring the legacy log rotation
    7.  
      Setting retention limits for logs on clients
    8.  
      UNIX logging with syslogd
    9.  
      Logging options with the Windows Event Viewer
  2. Backup process and logging
    1.  
      Backup process
    2. NetBackup process descriptions
      1.  
        Backup and restore startup process
      2.  
        Backup and archive processes
      3.  
        Backups and archives - UNIX clients
      4.  
        Multiplexed backup process
    3.  
      About backup logging
    4.  
      Sending backup logs to Technical Support
  3. Media and device processes and logging
    1.  
      Media and device management startup process
    2.  
      Media and device management process
    3.  
      Shared Storage Option management process
    4.  
      Barcode operations
    5.  
      Media and device management components
  4. Restore process and logging
    1.  
      Restore process
    2.  
      UNIX client restore
    3.  
      Windows client restore
    4.  
      About restore logging
    5.  
      Sending restore logs to Technical Support
  5. Advanced backup and restore features
    1.  
      SAN Client Fiber Transport backup
    2.  
      SAN Client Fiber Transport restore
    3.  
      Hot catalog backup
    4.  
      Hot catalog restore
    5. Synthetic backups
      1.  
        Logs to accompany problem reports for synthetic backups
      2.  
        Creating legacy log directories to accompany problem reports for synthetic backup
  6. Storage logging
    1.  
      NDMP backup logging
    2.  
      NDMP restore logging
  7. NetBackup Deduplication logging
    1.  
      Deduplication backup process to the Media Server Deduplication Pool (MSDP)
    2.  
      Client deduplication logging
    3.  
      Deduplication configuration logs
    4.  
      Media server deduplication/pdplugin logging
    5.  
      Disk monitoring logging
    6.  
      Logging keywords
  8. OpenStorage Technology (OST) logging
    1.  
      OpenStorage Technology (OST) backup logging
    2.  
      OpenStorage Technology (OST) configuration and management
  9. Storage lifecycle policy (SLP) and Auto Image Replication (A.I.R.) logging
    1.  
      About storage lifecycle policies (SLPs) and Auto Image Replication (A.I.R.)
    2.  
      Storage lifecycle policy (SLP) duplication process flow
    3.  
      Automatic Image Replication (A.I.R.) process flow logging
    4.  
      Import process flow
    5.  
      SLP and A.I.R. logging
    6.  
      SLP configuration and management
  10. NetBackup secure communication logging
    1.  
      About NetBackup secure communication logging
    2.  
      Tomcat logging
    3.  
      NetBackup web services logging
    4.  
      Command-line logging
    5.  
      NetBackup cURL logging
    6.  
      Java logging
    7.  
      Embeddable Authentication Client (EAT) logging
    8.  
      Authentication Services (AT) logging
    9.  
      vssat logging
    10. NetBackup proxy helper logging
      1.  
        Originator ID 486
    11. NetBackup proxy tunnel logging
      1.  
        Originator ID 490
    12.  
      PBX logging
    13.  
      Sending secure communication logs to Veritas Technical Support
  11. Snapshot technologies
    1.  
      Snapshot Client backup
    2.  
      VMware backup
    3.  
      Snapshot backup and Windows open file backups
  12. Locating logs
    1.  
      Overview of NetBackup log locations and processes
    2.  
      acsssi logging
    3.  
      bpbackup logging
    4.  
      bpbkar logging
    5.  
      bpbrm logging
    6.  
      bpcd logging
    7.  
      bpcompatd logging
    8.  
      bpdbm logging
    9.  
      bpjobd logging
    10.  
      bprd logging
    11.  
      bprestore logging
    12.  
      bptestnetconn logging
    13.  
      bptm logging
    14.  
      daemon logging
    15.  
      ltid logging
    16.  
      nbemm logging
    17.  
      nbjm logging
    18.  
      nbpem logging
    19.  
      nbproxy logging
    20.  
      nbrb logging
    21.  
      NetBackup Vault logging
    22.  
      NetBackup web services logging
    23.  
      NetBackup web server certificate logging
    24.  
      PBX logging
    25.  
      reqlib logging
    26.  
      Robots logging
    27.  
      tar logging
    28.  
      txxd and txxcd logging
    29.  
      vnetd logging
  13. NetBackup Administration Console logging
    1.  
      NetBackup Administration Console logging process flow
    2.  
      Enabling detailed debug logging for the NetBackup Administration Console
    3.  
      Setting up a secure channel between the NetBackup Administration Console and bpjava-*
    4.  
      Setting up a secure channel between the NetBackup Administration Console and either nbsl or nbvault
    5.  
      NetBackup Administration Console logging configuration on NetBackup servers and clients
    6.  
      Logging Java operations for the NetBackup Remote Administration Console
    7.  
      Configuring and gathering logs when troubleshooting NetBackup Administration Console issues
    8.  
      Undo logging
  14. Using the Logging Assistant
    1.  
      About the Logging Assistant
    2.  
      Logging Assistant sequence of operation
    3.  
      Viewing the Logging Assistant records
    4.  
      Adding or deleting a Logging Assistant record
    5.  
      Setting up debug logging
    6.  
      Set minimum debug logging
    7.  
      Disabling debug logging

Setting up a secure channel between the NetBackup Administration Console and bpjava-*

The following steps describe the process flow to set up a secure channel between the NetBackup Administration Console and bpjava-*:

Note:

The following processes are used: bpjava-msvc, which controls the login and authentication; bpjava-susvc, which is the administration console process; and bpjava-usvc, which is the client Backup, Archive, and Restore (BAR) interface.

  1. The user initiates a login to the console. The credentials are sent to bpjava-msvc over the SSL (using the Server Security Certificate).

  2. The bpjava-msvc process authenticates the user who uses the user credentials that were received in step 1.

  3. After the user is authenticated, the bpjava-msvc process performs the following:

    • Generates the entities that are called the self-signed session certificate, the key, and the session token.

    • Launches the daemon bpjava-*usvc to gather more requests from the NetBackup Administration Console.

    • Passes the self-signed session certificate and the session token to bpjava-*usvc.

      Note:

      The bpjava-*usvc process uses a session certificate as a Server Security Certificate for the SSL channel. It uses the session token to authenticate the NetBackup Administration Console. The console does not use credentials while it connects to the bpjava-*usvc process. The NetBackup Administration Console uses the session token for authentication.

    • Sends the session token and the fingerprint of the session certificate to the NetBackup Administration Console.

    • Persists session token and user information to a secure directory (install_path/var; for example, /usr/openv/var) in a file on the NetBackup host. This directory is accessible only to the root/administrator. The file name format is as follows:

      hash(session token)_bpjava-*usvc_pid

      Note:

      msvc saves this information so it can be used by nbsl or nbvault to authenticate the NetBackup Administration Console.

    • The msvc process stops the execution and exits.

  4. bpjava-*usvc uses the session certificate to start the secure channel with the NetBackup Administration Console. This secure channel is a one-way authenticated SSL channel. (Only the server certificate is present and there is no peer certificate. There is no certificate from the NetBackup Administration Console side.)

  5. The NetBackup Administration Console receives the session certificate as a part of the initial SSL handshake. It verifies the authenticity of the session certificate by using the pre-existing fingerprint of the session certificate (see step 3). The NetBackup Administration Console calculates the fingerprint of the session certificate that was received from bpjava-*usvc due to the SSL handshake. It compares the new fingerprint with the fingerprint sent by msvc.

  6. Once the authenticity of the certificate is verified, the NetBackup Administration Console sends the session token (received in step 3) to bpjava-*usvc.

  7. bpjava-*usvc verifies the received session token with the pre-existing one (see step 3).

  8. The success of the session token validation creates trust between bpjava-*usvc and the NetBackup Administration Console.

  9. All further communication occurs between bpjava-*usvc and the NetBackup Administration Console on this trusted secure channel.