8.2 EVM Components
8.2 EVM Components
EVM components are located in the root (/), /usr, and /var directory trees. The root (/) tree (shown in Figure 8-2) contains the EVM configuration files (in /etc), the init startup script (in /sbin/init.d), the kernel EVM device special files (in /dev), and the EVM API shared library (not shown). The /usr directory tree (shown in Figure 8-3) contains the EVM CLI and GUI programs, the resident components, the EVM filters, templates, and channel service routines, as well as a slew of other files (reference pages, examples, the static EVM API libraries, etc.) that are not shown. The /var tree (Figure 8-4) contains the logs, sockets, and site-defined filters, template, and channel service routines directory hierarchy.
Figure 8-2: EVM root directory hierarchy
Figure 8-3: EVM /usr directory hierarchy
Figure 8-4: EVM /var directory hierarchy
8.2.1 EVM Resident Components
EVM has three primary components for event management:
-
evmd
-
evmchmgr
-
evmlogger
8.2.1.1 The EVM Daemon (evmd)
The EVM daemon is the main distribution hub for EVM. It is started during system initialization at runlevel 2, although it cannot access remote connections until runlevel 3. Communication to evmd is handled via socket connections. Posting and subscription requests are handled directly by evmd.
However, event retrieval is handled by forking an event_get service program (actually, /usr/sbin/evmget_srv. See /etc/evmdaemon.conf).
The EVM daemon starts both the Channel Manager and the Logger processes as defined in the /etc/evmdaemon.conf file. In fact, it can be configured to start any site-defined synchronizing client process as well.
For more information, see the evmd(8) and the evmdaemon.conf(4) reference pages.
8.2.1.2 The EVM Channel Manager (evmchmgr)
The channel manager is responsible for the monitoring and cleanup of channels defined in the /etc/evmchannel.conf file, provided they have a monitor (fn_monitor) or cleanup (fn_cleanup) service routine defined. The channel manager is started automatically by the evmd daemon and should not be run as a standalone program.
By default, evmchmgr will write any error output to stderr.
For additional information, see the evmchmgr(8) and the evmchannel.conf(4) reference pages.
8.2.1.3 The EVM Logger (evmlogger)
The logger program is a subscriber of EVM events as defined in the /etc/evmlogger.conf file. This daemon subscribes to events and then writes them to an eventlog (such as /var/adm/evmlog/evmlog.dated) or forwards them using a forward command (such as sending email to the root account). The logger is started automatically by the evmd daemon but can be run as a standalone program by creating a configuration file and starting an evmlogger process with the "-c" switch. For example:
# evmlogger –c $HOME/evm/myEVMlogger.conf
By default, the evmlogger will write any error output to stderr.
For additional information, see the evmlogger(8) and the evmlogger.conf(4) reference pages.
8.2.2 EVM Configuration Files
The EVM configuration files are located in the /etc directory. We have already mentioned a few configuration files in the previous section: here we show them again along with additional files not mentioned earlier:
-
evm.auth
The evm.auth file is the event authorization file. It defines who can post or access events and service routines. See section 8.6.1 or the evm.auth(4) reference page for more information.
-
evmchannel.conf
The evmchannel.conf file is where EVM channels and their functions are configured. This file is read by evmchmgr (see section 8.2.1.2). Table 8-1 shows the services that can be defined for each channel.
Table 8-1: EVM Channel Services Event Channel service
Function
Keyword
Description
Cleanup
fn_cleanup
This function is called daily by evmchmgr daemon to archive and/or remove log files used by this channel.
Event Detail
fn_details
This function is called by "evmshow -d" to get a detailed view of the contents of the event from the channel.
Event Explanation
fn_explain
This function is called by "evmshow -x" to get an explanation of the event from the channel, and if apprropriate, any necessary action.
Retrieval
fn_get
This function is called by the evmget_srv programe to retrieve events from the channel. Note, this happens when you run the evmget command.
Monitor
fn_monitor
This function is called periodically by the evmchmgr daemon to check the status of the channel, and to post EVM events as necessary. Monitor functions are usually defined for passive event channels.
For more information, see the evmchannel.conf(4) reference page.
-
evmdaemon.conf
The evmdaemon.conf file is the configuration file for evmd. Among other things, this file tells the evmd daemon to start the evmchmgr and evmlogger processes, which event_get service program to use, and whether to accept remote connections.
For more information, see the evmdaemon.conf(4) reference page.
-
evmlogger.conf
The evmlogger.conf file is used to configure the evmlogger (see section 8.2.1.3). For more information, see the evmlogger.conf(4) reference page.
-
syslog_evm.conf
The syslog_evm.conf configuration file is used by the syslogd daemon to define what syslog events should be forwarded to the EVM daemon. See the syslog_evm.conf(4) reference page for additional information.
After making any changes to a configuration file, you need to tell EVM about the change by telling the EVM resident components (see section 8.2.1 for more information) to reload the configuration files.
To reconfigure all the EVM resident components:
# evmreload
To reconfigure only the EVM daemon:
# evmreload -d
To reconfigure only the EVM channel manager process:
# evmreload -c
To reconfigure only the EVM logger process:
# evmreload -l
If you make changes to an event template, check the template syntax before reconfiguring the EVM daemon with the following command.
# evmreload -n
For more information, see the evmreload(8) reference page.
8.2.3 EVM Channels
A channel is a source for events. There are two types of channels:
-
Active
An example of an active channel is the syslogd daemon. The syslogd daemon receives events from an application or kernel subsystem and traditionally logged the event to one or more log files as defined in /etc/syslog.conf. The syslogd daemon has been modified to also act as a channel to EVM. Now, syslogd daemon receives an event, logs the event, and sends the event to the evmd daemon.
-
Passive
An example of a passive channel is a log file. The log file is not active in that it does not "actively" send events to the evmd daemon. However, if a subscribing client is looking for an event of the type defined by the event channel, then the evmget_svr program will retrieve the event from the log and pass it to the subscriber.
Channels are defined in the /etc/evmchannel.conf file; channel services are defined in the /usr/share/evm/channels/<channel> directory tree; channel filters are defined in /usr/share/evm/filters/<channel>.evf; and channel event templates are defined in /usr/share/evm/templates/sys/<channel>.evt. For example:
What channels are defined?
# /usr/bin/evminfo -lc syslog binlog misclog evmlog
Choose one of the channels. In this example, let's pick "binlog".
# ls /usr/share/evm/channels/binlog binlog2evm binlog_details binlog_get binlog_cleanup binlog_explain binlogshow
The channels directory contains the service routines for the binlog channel. We can verify this by referring back to the /etc/evmchannel.conf file.
# cat /etc/evmchannel.conf ... # ================================== # Event channel: binary error log # ================================== channel { name binlog path /usr/share/evm/channels/binlog events @SYS_VP@.binlog fn_get "binlog_get -r 8d" fn_details "binlog_details -decevent -ca localhost" fn_explain "binlog_explain" fn_cleanup "binlog_cleanup" } ... Before you ask, "What are those binlog2evm and binlogshow files?"…
# grep binlog2evm * binlog_get:CONVTOOL=$DIR/binlog2evm # Converts binlog events to EVM events
# grep binlogshow * binlog_details:CONVTOOL='${DIRNAME} $0'/binlogshow Finally, filters and templates are defined in the /usr/share/evm/filters/binlog.evf and /usr/share/evm/templates/sys/binlog.evt files (see sections 8.2.4 and 8.2.5).
One final note on channels: if you plan to define your own channel, place the definition in /etc/evmchannel.conf, but place the supporting files in the /var/evm/adm directory tree instead of /usr/share/evm.
8.2.4 EVM Filter Files
EVM filter files are located in the /usr/share/evm/filters directory (site-defined filter files should be placed in the /var/evm/adm/filters directory). Filter files should end with the suffix ".evf".
See section 8.5 for additional information.
8.2.5 EVM Commands
Examples of using the EVM commands are in section 8.7, except for the evmreload(8)command, which was shown in section 8.2.2. EVM commands are shown in Table 8-2.
| EVM Commands | |||||
|---|---|---|---|---|---|
| Run?[*] | Command | Location | Man | Type | Description |
| √ | evmget | /usr/bin | 1 | binary | This programme retrieves events from log files, and writes them to stdout in the form of binary EVM events. |
| √ | evminfo | /usr/bin | 1 | binary | This provides information regarding the EVM subsystem. It also provides configuration file syntax verification. |
| √ | evmpost | /usr/bin | 1 | binary | This program allows posting of an event from the command line or script. It provides the ability for administrators and users to post quick (or simple) messages to EVM. |
| √ | evmshow | /usr/bin | 1 | binary | This program displays EVM events. |
| √ | evmsprt | /usr/bin | 1 | binary | This program sorts EVM events. |
| √ | evmwatch | /usr/bin | 1 | binary | This program monitors the system or cluster for events to occur. It can also list the registered events that are known to the EVM subsystem. |
|
| evmchmgr | /usr/sbin | 8 | binary | The evmchmgr program is the EVM channel manager. |
|
| evmcommandst | /usr/sbin | - | sh | This shall script defines commands and their locations primarily for EVMs multi-platform implementation. |
|
| evmd | /usr/sbin | 8 | binary | This program is the EVM daemon. |
|
| evmget_srv | /usr/sbin | - | binary | The evmget_srv program is called by the evmd daemon when the evemget command requests retrieval of EVM events. |
| √ | evmlegger | /usr/sbin | 8 | binary | This program is the EVM logger. |
|
| evmmkbin | /usr/sbin | - | binary | This program is used by the evmmklib command to compile the event templates into a binary format for the evmd daemon. |
|
| evmmklib | /usr/sbin | - | sh | This script is used by evmd and the evmreload command to setup the environment for the evmmkbin proram. |
| √ | evmreload | /usr/sbin | 8 | sh | This shell script posts an event to have the EVM daemons reread their configuration files. It also verifies the syntax of event template files and configuration files. |
| √ | evmstart | /usr/sbin | 8 | sh | This shell script starts the EVM daemon. |
|
| evmstop | /usr/sbin | 8 | sh | This shall script stops the EVM daemon, although it should not be run under normal circumstances. |
|
[*]The √ undicates that the program can be run. The indicates that the program should not be run. | |||||
8.2.6 EVM Template Files
EVM template files for Tru64 UNIX are located in /usr/share/evm/templates/sysdirectory; TruCluster Server templates are located in /usr/share/evm/templates/clu; and site-defined template files should be placed in /usr/share/evm/templates/local (which is actually a link to /var/evm/adm/templates).
Template file names must end with the suffix ".evt", and the files must be owned by root or binand must have permissions of 0400, 0600, 0440 or 0640 to be recognized. If the owner or permissions are incorrect, you may see a warning:
# evmreload 2001-03-26 05:04:04 evmmklib: Warning: /usr/share/evm/templates/local/tcrhb/tcrhb.evt ignored - incorrect owner or permissions
See section 8.4 for additional information.
8.2.7 EVM Graphical User Interface
The Event Viewer is the GUI for EVM. It is invoked via the sysman program.
# sysman event_viewer
Image 8-1 shows a screen shot of the Event Viewer from the curses interface, while Image 8-2 shows the CDE GUI. For additional information, see the evmviewer(8) reference page.
Image 8-1: EVM curses-style interface
 |
|
Image 8-2: EVM CDE GUI
|
|
EAN: 2147483647
Pages: 273