EX SSL-VPN: How to configure aarpushlogs on firmware 10.6.x and above.

03/26/2020 5 People found this article helpful 194,424 Views

Description

Resolution

Question:

How to configure aarpushlogs on firmware 10.6.0 and above.

Answer:

Configuring the "aarpush" logs on firmware 10.6.0 and above is different from what we follow on version 10.5.x or earlier. The logs generated on 10.6.0 and above are in .gz format which requires new "aarpushlogs" script to be configured on the Aventail device. The below steps will assist you in configuring the aarpush logs on the Aventail device.

1. Setup an FTP server on a machine where you want the logs from the Aventail device to be pushed. (Use can use free tools such as FileZilla server etc..)
2. Copy the "aarpushlogs" script available in this article on to the /usr/local/aventail/bin/ directory on Aventail device using a tool like WinSCP and unzip it using the command

gunzip aarpushlogs.gz

3. Unlike on firmware versions (10.5.x or earlier) we need NOT modify the "aarpushlogs" script on the device.
4. Make the "aarpushlogs" script as executable with the command "chmod a+x" from SSH or console access.

5. Login to the AMC, Click on Maintenance in the left-hand navigation menu.
6. In the URL address bar, append "?advanced=1", and hit return
7. Click on Configure under the new section Configuration extensions.
8. Click New and For the Key field, put in AAR_URL
9. For the Value field, put in the FTP address in the format - ftp://username:password@/incoming.
10. Click OK
11. Click New and For the Key field, put in AAR_FREQUENCY
12. For the Value field, put in 1 and then Click OK

13. Click Save and Apply Changes (this will force an apply-all, making the changes take effect).
14. Execute the aarpushlogs script (./aarpushlogs) once manually (the first time) so that all the extranet_access and extaweb_access logs are pushed to the remote FTP server.( The aarpushlogs script will create a new folder by the name of Aventail device host name on the FTP server)
15. With this new "aarpushlogs script" there is no need to edit the crontab file with a time entry for the script automation. The execution of the script will create a aarpushlogs file for automation at /etc/cron.d/.

16. Restart the cron service once with the command /etc/init.d/cron restart
17. This new script and the aarpushlogs file created at /etc/cron.d/ will check for new logs files generated every day at 00:05 AM and push them to the remote FTP server.

To Download the new aarpushlogs.gz click here