Sending COZSFTP server logs to JES spool

A discussion of Co:Z sftp, a port of OpenSSH sftp for z/OS
Post Reply
njd
Posts: 36
Joined: Fri Apr 24, 2015 5:57 am

Sending COZSFTP server logs to JES spool

Post by njd » Fri Apr 26, 2019 8:47 am

We plan to add the following to /etc/ssh/sftp-server.rc to send sftp server logs to the spool:

SFTP_LOG_SYSOUT=true # required
SFTP_SYSOUT_CLASS=1 # optional
unset SFTP_LOGFILE # don't set this
export _BPX_JOBNAME=COZLOG # recommended

I am wondering if every non uid=0 userid will need READ access to FACILITY BPXJOBNAME ?

njd
Posts: 36
Joined: Fri Apr 24, 2015 5:57 am

Re: Sending COZSFTP server logs to JES spool

Post by njd » Fri Apr 26, 2019 9:03 am

Please can you elaborate on why export _BPX_JOBNAME=COZLOG is recommended. Is there a reason this is set to a name that is 6 characters?

dovetail
Site Admin
Posts: 1907
Joined: Thu Jul 29, 2004 12:12 pm

Re: Sending COZSFTP server logs to JES spool

Post by dovetail » Thu May 09, 2019 2:46 pm

_BPX_JOBNAME=COZLOG is an environment variable that causes any new forked OMVS address spaces to get a specific jobname.
When you send logs to the jes spool, there is a new OMVS address space that runs to capture and write the spool file, so using this makes is a *little* easier to find stuff.

We really don't recommend that you use this feature, since:

- the spool files are difficult to find due to the crazy way that spool files are organized by z/OS for OMVS jobs.

- you lose the ability to do a "get /+error.log" from the remote client to get the log from the current job, which is very useful to the remote client for error dianosis.

- The extra OMVS job for writing to the JES spool is extra overhead

- Its just better in our opinion to set up a separate zFS filesystem for log files. The new "SFTP_LOG_KEEP_DAYS" settting in sftp-server.rc (added in V5.5.0) will automatically remove old files so you don't need a separate file skulker job anymore.

Post Reply