NAME

evmdaemon.conf − EVM daemon configuration file

SYNOPSIS

authentdir         directory
sourcedir          directory
authtimeout        time_seconds
synctimeout        time_seconds
portnum            port_number
start_sync         command
remote_connection  bool_par
max_msg_size       message_size
filterdir          filter_dir activity_monitor {
                  name      detector
                  period    detect_period
                  threshold detect_thold
                  holdoff   detect_delay
                 } service {
         name    service_name
         command service_command
        }

DESCRIPTION

The Event Manager (EVM) daemon configuration file, evmdaemon.conf, is a text file that contains commands used to configure and start the Event Manager. Any portion of a line from an unquoted number sign (#) to the end of line is a comment.  Blank lines are ignored.  The following commands are recognized:

authentdir directory
Names the directory that is used to hold temporary authentication files. The default is /var/evm/shared. 

sourcedir directory
Names the root of the directory structure that should be searched for event template files.  The default is /usr/share/evm/templates. 

authtimeout time_seconds
Time to wait for a newly established client to respond to an authentication request.  The default is 10 seconds.

synctimeout time_seconds
Time within which a synchronized client must achieve synchronization completing a connection request and subscribing for events. The default is 30 seconds.

portnum port_number
The port number for TCP communication with remote clients. If not specified, the evm port number found in /etc/services is used if present;  otherwise the reserved default value of 619 is used. 

start_sync command
The complete command line for programs that should be started as synchronized clients when the daemon starts. This command should be enclosed in double quotation marks ("). 

remote_connection bool_par
Determines the permission for connections through a remote TCP port. If bool_par evaluates to TRUE, remote connection is permitted.  The default is not permitted.  The bool_par parameter should be True or False. 

Note

Only enable remote access if your system is running in a fully secure environment. See the System Administration guide for event management security considerations. 

max_msg_size message_size
The maximum number of bytes the daemon will accept from any connection in a single message.  If a client attempts to send a message that is longer than the specified size, the daemon immediately terminates the connection without reading the message. This keyword can be used to limit the sizes of events that can be posted, to prevent the daemon from consuming excessive amounts of memory or CPU time by handling very large events.

Note

Setting this value too low may prevent normal system events from being posted. 

If this keyword is not specified, a default value of 2 Mbytes is used.  If the keyword is specified and the supplied value is less than 200 Kbytes or greater than 10 Mbytes, it is set automatically to the closest of those values. 

The daemon accepts messages up to 200 bytes longer than the specified size to allow for communication protocol overhead. 

filterdir filter_dir
A colon-separated list of directories to be searched for filter files in place of the standard locations. If specified, the daemon uses this value internally to evaluate filter strings that reference pre-created filter files, and also passes it to service programs such as the event retrieval service program, evmget_srv, by exporting the environment variable EVM_FILTERDIR. This makes the path available to the event channels’ get-function scripts. The default value for this keyword is /usr/share/evm/filters. See evmfilterfile(4) for more information. 

If this keyword is not specified, a default value of 2 Mbytes is used.  If the keyword is specified and the supplied value is less than 200 Kbytes or greater than 10 Mbytes, it is set automatically to the closest of those values. 

The daemon accepts messages up to 200 bytes longer than the specified size to allow for communication protocol overhead. 

activity_monitor
A parameter group that controls a daemon event monitoring facility. An activity_monitor definition consists of:

name detector
The type of detector controlled by the group parameters.

period detect_period
The size, in minutes, of a periodically sliding time window over which events will be counted.

threshold detect_thold
The number of events that will activate the monitor if counted in period. 

holdoff detect_delay
The time delay, in minutes, after activation of the activity monitor occurs before monitoring is resumed.  The evmreload command will reset the delay. 

service
Defines services that are available through the daemon.  A service definition consists of the name of the service and the command line that will be invoked when this service is requested.  User-defined services are not currently supported.

A service definition consists of:

name service_name
The name given to the service.

command service_command
The command to be invoked when this service is requested. This command should be enclosed in double quotation marks ("). 

The keywords described may be entered in a case-insensitive manner.  The allowable strings and the minimum number of characters is shown in the following table.  A minimum of zero (0) indicates that all characters are required. 

The activity monitor detectors recognized, and the action taken when the monitor is activated are the following:

EXAMPLES

This is an example of an EVM daemon configuration file that does the following:

     1.Specifies that event templates are found in the directory /usr/share/evm/templates. 

     2.Starts the EVM Logger and the EVM Channel Manager as synchronized clients when the daemon is started. 

     3.Defines a service available through the EVM daemon. 

     4.Establishes an activity monitor that will alert the system administrator if 500 events occur in any 10 minute span.  Once the system administrator has been alerted, the activity monitor will remain dormant for four hours. 

     5.Disables connections from remote hosts. 

# Event template directory:
sourcedir       "/usr/share/evm/templates"
# Start the EVM Logger as a synchronized client:
start_sync      "/usr/sbin/evmlogger \
                        -o /var/run/evmlogger.info \
                        -l /var/evm/adm/logfiles/evmlogger.log"
# Start the EVM Channel Manager as a synchronized client:
start_sync      "/usr/sbin/evmchmgr \
                        -l /var/evm/adm/logfiles/evmchmgr.log"
# Event retrieval service definition:
service         { name          event_get
                  command       "/usr/sbin/evmget_srv"
                }
# Set up an activity monitor.
activity_monitor {
        name        event_count  # currently the only supported monitor
        period      10           # count over a 10 minute period
        threshold   500          # perform action after 500 events
        holdoff     240          # wait 4 hours before resuming
}
# Disable remote communication (set following to "true" to enable)
remote_connection       false

FILES

/etc/evm.auth
Location of the EVM authorization file.

/etc/evmdaemon.conf
Location of the EVM daemon configuration file.

/etc/services
Definition of the sockets and protocols used for Internet services.

SEE ALSO

Commands: evmd(8), evmreload(8)

Files: evmfilterfile(4), services(4)

Event Management: EVM(5)

System Administration