
evmdaemon.conf(4)

NAME

evmdaemon.conf - EVM daemon configuration file

SYNOPSIS

authentdir directory
sourcedir directory
authtimeout time_seconds
synctimeout time_seconds
portnum port_number
start_sync command
remote_connection bool_par
max_msg_size message_size
filterdir filter_dir
activity_monitor {
    name detector
    period detect_period
    threshold detect_thold
    holdoff detect_delay
}
service {
    name service_name
    command service_command
}

DESCRIPTION

The Event Manager (EVM) daemon configuration file, evmdaemon.conf, is a text file that contains commands used to configure and start the Event Manager. Any portion of a line from an unquoted number sign (#) to the end of line is a comment. Blank lines are ignored. The following commands are recognized:

authentdir directory
    Names the directory that is used to hold temporary authentication files. The default is /var/evm/shared.

sourcedir directory
    Names the root of the directory structure that should be searched for event template files. The default is /usr/share/evm/templates.

authtimeout time_seconds
    Time to wait for a newly established client to respond to an authentication request. The default is 10 seconds.

synctimeout time_seconds
    Time within which a synchronized client must achieve synchronization completing a connection request and subscribing for events. The default is 30 seconds.

portnum port_number
    The port number for TCP communication with remote clients. If not specified, the evm port number found in /etc/services is used if present; otherwise the reserved default value of 619 is used.

start_sync command
    The complete command line for programs that should be started as synchronized clients when the daemon starts. This command should be enclosed in double quotation marks (").

remote_connection bool_par
    Determines the permission for connections through a remote TCP port. If bool_par evaluates to TRUE, remote connection is permitted. The default is not permitted. The bool_par parameter should be True or False.

    Note: Only enable remote access if your system is running in a fully secure environment. See the System Administration guide for event management security considerations.

max_msg_size message_size
    The maximum number of bytes the daemon will accept from any connection in a single message. If a client attempts to send a message that is longer than the specified size, the daemon immediately terminates the connection without reading the message.
    This keyword can be used to limit the sizes of events that can be posted, to prevent the daemon from consuming excessive amounts of memory or CPU time by handling very large events.

    Note: Setting this value too low may prevent normal system events from being posted.

    If this keyword is not specified, a default value of 2 Mbytes is used. If the keyword is specified and the supplied value is less than 200 Kbytes or greater than 10 Mbytes, it is set automatically to the closest of those values. The daemon accepts messages up to 200 bytes longer than the specified size to allow for communication protocol overhead.

filterdir filter_dir
    A colon-separated list of directories to be searched for filter files in place of the standard locations. If specified, the daemon uses this value internally to evaluate filter strings that reference pre-created filter files, and also passes it to service programs such as the event retrieval service program, evmget_srv, by exporting the environment variable EVM_FILTERDIR. This makes the path available to the event channels' get-function scripts. The default value for this keyword is /usr/share/evm/filters. See evmfilterfile(4) for more information.

activity_monitor
    A parameter group that controls a daemon event monitoring facility. An activity_monitor definition consists of:

    name detector
        The type of detector controlled by the group parameters.

    period detect_period
        The size, in minutes, of a periodically sliding time window over which events will be counted.

    threshold detect_thold
        The number of events that will activate the monitor if counted in period.
    holdoff detect_delay
        The delay, in minutes, after the activity monitor is activated before monitoring is resumed. The evmreload command will reset the delay.

service
    Defines services that are available through the daemon. A service definition consists of the name of the service and the command line that will be invoked when this service is requested. User-defined services are not currently supported. A service definition consists of:

    name service_name
        The name given to the service.

    command service_command
        The command to be invoked when this service is requested. This command should be enclosed in double quotation marks (").

The keywords described may be entered in a case-insensitive manner. The allowable strings and the minimum number of characters are shown in the following table. A minimum of zero (0) indicates that all characters are required.

    ___________________________
    Keyword            Minimum
    ___________________________
    activity_monitor   0
    authtimeout        8
    command            4
    filterdir          7
    holdoff            0
    max_msg_size       7
    name               0
    period             0
    portnum            4
    remote_connection  0
    service            7
    sourcedir          7
    start_sync         0
    synctimeout        8
    threshold          0
    ___________________________

The activity monitor detectors recognized, and the action taken when the monitor is activated, are the following:

    __________________________________________________
    Detector      Action
    __________________________________________________
    event_count   post an event to alert the system
                  administrator
    __________________________________________________

EXAMPLES

This is an example of an EVM daemon configuration file that does the following:

1. Specifies that event templates are found in the directory /usr/share/evm/templates.
2. Starts the EVM Logger and the EVM Channel Manager as synchronized clients when the daemon is started.
3. Defines a service available through the EVM daemon.
4. Establishes an activity monitor that will alert the system administrator if 500 events occur in any 10 minute span. Once the system administrator has been alerted, the activity monitor will remain dormant for four hours.
5. Disables connections from remote hosts.

    # Event template directory:
    sourcedir "/usr/share/evm/templates"

    # Start the EVM Logger as a synchronized client:
    start_sync "/usr/sbin/evmlogger \
                    -o /var/run/evmlogger.info \
                    -l /var/evm/adm/logfiles/evmlogger.log"

    # Start the EVM Channel Manager as a synchronized client:
    start_sync "/usr/sbin/evmchmgr \
                    -l /var/evm/adm/logfiles/evmchmgr.log"

    # Event retrieval service definition:
    service {
        name event_get
        command "/usr/sbin/evmget_srv"
    }

    # Set up an activity monitor.
    activity_monitor {
        name event_count    # currently the only supported monitor
        period 10           # count over a 10 minute period
        threshold 500       # perform action after 500 events
        holdoff 240         # wait 4 hours before resuming
    }

    # Disable remote communication (set following to "true" to enable)
    remote_connection false
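
An added example, not part of the original manual page or of EVM itself: a small Python audit of an evmdaemon.conf text that resolves abbreviated keywords using the minimum-length table in DESCRIPTION and reports the effective remote_connection and max_msg_size settings, including the documented clamp and the 200-byte allowance. It assumes message_size is given in bytes, that Kbytes and Mbytes are binary multiples, and that authentdir (absent from the table) must be spelled in full; the function names and the sample input are constructed for illustration.

```python
import re

# Keyword -> minimum abbreviation length, from the page's table (0 = spell in full).
# authentdir is not in that table; requiring it in full is an assumption.
KEYWORDS = {"activity_monitor": 0, "authentdir": 0, "authtimeout": 8, "command": 4,
            "filterdir": 7, "holdoff": 0, "max_msg_size": 7, "name": 0, "period": 0,
            "portnum": 4, "remote_connection": 0, "service": 7, "sourcedir": 7,
            "start_sync": 0, "synctimeout": 8, "threshold": 0}
KB, MB = 1024, 1024 * 1024  # assumption: Kbytes/Mbytes are binary multiples

def resolve(word):
    """Map a case-insensitive, possibly abbreviated word to its full keyword."""
    w = word.lower()
    return next((k for k, m in KEYWORDS.items()
                 if w == k or (m and len(w) >= m and k.startswith(w))), None)

def strip_comment(line):
    """Remove a '#' comment unless the '#' sits inside double quotes."""
    return re.sub(r'("[^"]*")|#.*', lambda m: m.group(1) or "", line)

def audit(text):
    """Return (effective top-level settings, findings) for a config text."""
    eff, findings, depth = {"remote_connection": False, "max_msg_size": 2 * MB}, [], 0
    for raw in re.sub(r"\\[ \t]*\n", " ", text).splitlines():  # join continuations
        line = strip_comment(raw).strip()
        inside, parts = depth > 0, line.split(None, 1)
        depth += line.count("{") - line.count("}")
        if inside or len(parts) < 2:
            continue  # blank line, or a line inside a { } parameter group
        kw, value = resolve(parts[0]), parts[1].strip().strip('"')
        if kw == "remote_connection":
            eff[kw] = value.lower() == "true"
        elif kw == "max_msg_size":
            eff[kw] = min(max(int(value), 200 * KB), 10 * MB)  # documented clamp
            if eff[kw] != int(value):
                findings.append(f"max_msg_size {value} is clamped to {eff[kw]}")
    if eff["remote_connection"]:
        findings.append("remote_connection is enabled")
    eff["accept_limit"] = eff["max_msg_size"] + 200  # protocol overhead allowance
    return eff, findings

# Constructed sample input, not taken from a real system.
SAMPLE = '''service {
    name event_get
    command "/usr/sbin/evmget_srv"
}
Remote_Connection True
MAX_MSG 50000   # below the 200 Kbyte floor
'''
```

Calling audit(SAMPLE) returns the effective settings and two findings: the clamped message size and the enabled remote connection.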

FILES

/etc/evm.auth
    Location of the EVM authorization file.

/etc/evmdaemon.conf
    Location of the EVM daemon configuration file.

/etc/services
    Definition of the sockets and protocols used for Internet services.

SEE ALSO

Commands: evmd(8), evmreload(8)

Files: evmfilterfile(4), services(4)

Event Management: EVM(5)

System Administration
