Translate

Search

IBM QRadar 5) Collecting File Logs

We will see how to collect file logs in this section.

Basically, we have to use FTP to collect file logs.

It has interval time, and logs are collected with interval time.

For security reason, many company don't allow FTP but we can use SFTP(Secure File Transfer Protocol).

SFTP is using SSH(Secure Shell) protocl to get file logs.

I am seeing most of servers allow FTP or SFTP, if there are some server that don't allow any connection you have to use tail2syslog that be used for forward file logs as syslog type.

I will show you about tail2syslog later.

FTP and SFTP's configuration are same without protocol selection.

Officially, let me show you how to configure to collect file logs.

1. Run Log Sources Menu


Move 'Admin' tab and click 'Log Sources' icon.

2. Add Log Source


Click 'Add' to add log list

3. Defualt view of Log Sources menu


 4. Select file protocol (FTP or SFTP)


Select file protocol to collect file logs.
  ●  Choose 'Universal DSM' in 'Log Source Type'
  ●  Choose 'Log File' in 'Protocol Configuration'
  ●  Choose 'FTP' or 'SFTP' in 'Service Type'

5. Fill information about detail information of log


In this section, we will type ip address, file location, file name, interval time and othters.

You don't need to fill all blanks that you saw as above picture.

'Log Source Name' and 'Log Source Description' don't give any problem to log. so you can fill this field as you want to do.

And other information like server ip address and port, authentication must be corrent to collect logs.

Just you want simple, you can fill these blank as number 5 picture.

Please see below information if you want to know every options.

 ●  'Log Source Name' : log's name
 ●  'Log Source Description' : log's description
 ●  'Log Source Type' : log's type
 ●  'Protocol Configuration' : form of logs
 ●  'Service Type' : log's protocol
 ●  'Remote IP or Hostname' : log server's ip address or hostname
 ●  'Remote Port' : FTP / SSH port
 ●  'Remote User' : account that have read permission
 ●  'Remote Password' : account's password
 ●  'Confirm Password' : repeat password
 ●  'SSH Key File' : SSH Key File informatin(it is not necessary)
 ●  'Remote Directory' : log file location
 ●  'Recursive' : collecting schedule
 ●  'FTP File Pattern' : log file name(here, regex can be used.)
 ●  'Start Time' : first collecting time
 ●  'Recurrence' : collecting interval time
 ●  'Run on Save' : auto save logs.
 ●  'EPS Throttle' : maximum of EPS
 ●  'Processor' : if log files are compressed, check it
 ●  'Ignore Previously Processed File(s)' : don't collect file that be processed
 ●  'Change Local Directory' : change log location in QRadar
 ●  'Event Generator' : form of logs
 ●  'File Encoding' : setting encoding of logs
 ●  'Folder Separator' : it is used if log directories are diffrent
 ●  'Enabled' : enable collecting log after configure
 ●  'Credibility' : important asset
 ●  'Target Event Collector' : event processor that collect logs
 ●  'Coalescing Payload' : many logs that have same information will be shown one log
 ●  'Store Event Payload' : save original log payload
 ●  'Log Source Language' : set language of log

애플, 자택 자동화 특허에 대한 보고

애플은 애플 힌츠(Apple Hints)를 통해 회사가 어떻게 가정 내의 환경을 자동화 할 수 있는지 발표했다.

애플의 가정 자동화는 스마트폰, 테블릿과 같은 모바일 장비의 '위치 정보 시스템'을 기반으로 작동하고 있다.

(참조 : Apple Insider)

애플은 자동화 기술을 통해 사람이 있는 곳의 자동 전등 조작, 온도 조절 등 새로운 서비스를 할 수도 있다고 설명한다.

최근 몇 년간 가정을 자동화하기 위한 노력이 지속되고 있으며, AT&T, Verizon과 같은 업체는 이미 원격지에서 집 안의 가전들을 조작할 수 있는 서비스를 제공하고 있다.

SAP와 SAS, Bin Data 분석을 위해 파트너십 채결

in-memory 기술을 향상시킬 움직임을 보이고 있는 SAP와 SAS.

SAP와 SAS는 이를 위해 제품 로드맵 구상 및 기술 개발을 위해 협업을 하고 있고, SAP HANA와 SAS analytic에 포함시킬 계획을 갖고 있습니다.

SAP HANA의 in-memory 기술을 SAS 어플리케이션에 추가하는 것과 SAS의 진보적인 분석 알고리즘을 SAP HANA에서 기동할 수 있게 되면 decision maker는 실시간으로 처리되는 데이터 분석에 대한 결과를 얻을 수 있다고 이야기합니다.

이 파트너십은 양사가 in-memory 기술의 리더인 것 뿐만 아니라, 비즈니스 앱 마켓에서의 데이터 분석 능력이 뛰어난 점을 감안하면 굉장히 기대가 클 것으로 보고있습니다.

IDC의 소프트웨어 수석 연구원 Henry Morris씨의 말을 인용했습니다.
"강력한 분석 기술을 제공하는 SAS와 SAP의 파트너십은 데이터 이동을 간소화 하고 빠른 의사 결정을 통해 빅데이터 분석을 위한 절차를 간략하게 할 것입니다."
"이것은 데이터를 모델로 이동시키거나, 반대로 모델을 데이터로 이동는 것을 효율적으로 만들어 줄 것입니다. 이는 매우 의미있는 가치를 고객에게 제공할 것입니다."

두 회사의 협업 결과는

SAS와 SAP는 그들의 협업이 데이터 이동과 복제를 없애기 위한 플랫폼이 될 수 있다고 예상합니다. 또한 im-memory 내에서 계산에 관한 워크로드를 가능하게 할 수 있다고 말합니다. 결과적으로 이제까지 발표되지 않았던 새로운 빅데이터 솔루션이라고 할 수 있습니다.

모델을 개발함으로서 데이터의 생산성을 증가시키는 것이 in-memory의 주요 기술입니다. 비즈니스 어플리케이션과 분석을 위한 단일 환경은 비용을 절감하고 성능을 실시간으로 측정할 수 있다고 여겨집니다.

이 두 회사는 HANA 환경에서 구동되는 SAS 어플리케이션을 위한 파일럿 프로그램을 함께 판매할 계획을 갖고 있습니다. 우선적인 목표는  2014년 까지 재무 서비스, 통신, 소매, 고객 제품, 생산에 대해 상세한 계획을 세우고, 우선 순위를 정하는 것입니다.

이 어플리케이션은 in-memory에서 작동하고 값을 산출하기 위해 특화된 분석이 필요한 비즈니스 분야를 목표로 삼을 것입니다. 이들은 고객 정보, 위험 관리, 자산 관리, 돈 세탁 방지 및 그 외 분야에 여러 가지 기회를 제공할 것이라고 보고 있습니다.

왜 SAP HANA가 부각되는가?

우리는 SAP HANA의 최근 동향을 알기 위해 Pund-IT의 analyst Charles King씨에게 조언을 구했습니다. 그는 in-memory 데이터베이스 기술은 리더십 포지션을 유지하기 위해 시장을 이끌어온 SAP의 고유 영역이라고 말했습니다.

IBM xSerise RAID Card FoD Key registering

IBM RAID Card를 이용한 RAID5 기능 활성화 방법입니다.

언제부터인지는 모르겠지만, 요즘 출시되고 있는 ServeRAID의 RAID5 기능을 이용하려면 별도의 업데이트가 필요하게 되었습니다.

구형 장비에서도 별도의 업데이트가 필요하기는 했지만, Hardware Chip과 같은 형태로 제공되었기 때문에 큰 수고없이 장착 후 사용하면 되었습니다.

하지만 요즘 장비는 조금 다르더군요...

필수적으로 IBM DSA(Diagnostic System Analysis)를 사용해야합니다.

DSA를 실행하는 방법은 여러 가지가 있지만, bootable iso를 download(http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=serv-dsa) 받으신 후 CD로 구워서 booting하는 방법을 추천드립니다.

bootable iso를 활용하지 않으실 경우 Hardware에 OS가 이미 설치되어 있어야합니다.

이번 작업을 수행하기 위해서는 아래와 같은 사전 준비물이 필요합니다.

  1. RAID5 Activation Instruction 문서

  2. IBM DSA

  3. IBM site Log-in ID

Activation Key 발급을 위해 IBM 자료실로 이동합니다.

https://www-304.ibm.com/systems/x/fod/index.wss

URL 클릭 후 Sign in button을 클릭합니다.


IBM ID로 Log-in 하신 후, 'Request activation key'를 click합니다.


'Activation Instruction' 문서에 나와있는 'Authorization code'를 입력합니다.


'Machine Type'과 'Model', 'Serial number'를 입력합니다.


입력된 정보들을 확인한 후 'Confirm'을 선택합니다.


위 작업이 끝나면 Activation Key를 제공받을 수 있습니다.

제공 방법은, e-mail을 통한 방법과 직접 download 방법 총 2가지가 존재합니다.

Key file은 확장자가 '.key' 인 file입니다.

Key를 발급받으셨다면, Key를 USB로 복사를합니다.

이후 이전에 만들어 놓으신 IBM DSA를 통해 부팅을 합니다.

부팅이 완료되시면, 'Manage Activation Key'를 선택합니다.


'Install from Removable Media'를 선택합니다.


Key가 저장되어있는 USB media를 선택합니다.


할당하기를 원하시는 Key를 선택합니다.


Key 입력이 정상적으로 완료될 경우, 아래와 같이 'Installed'라는 상태가 표시됩니다.



모든 Key 입력이 완료되면, 'Status'의 상태가 'valid'로 표시됩니다.


상태가 'Valid'로 표시된다면 RAID5 기능을 사용할 수 있는 상태임을 의미합니다.

이제 RAID Utility를 통해 RAID5를 생성하시면 됩니다.

IBM QRadar 4) Collecting logs(Unix / Linux)

This post will show you how to configure to collect logs.

syslog configuration have to be configured on each devices.

Most of devices and os have different way to configure syslog forwarding, so If you can't find manual in this post, please find solution manual.

In this post show you collecting operation system syslog like AIX, Linux, HP-UX, Solaris.

I define QRadar's IP address is 192.168.0.16.

1. Configure forwarding IBM AIX syslog 

  1) modify syslog.conf file

<root@aix ># vi /etc/syslog.conf

## QRadar 
*.debug          @192.168.0.16

Add comment from ## QRadar to IP address in bottom of file.

It means AIX host will forward syslog to 192.168.0.16 ip address(it is QRadar).

'## QRadar' is comment in this file and has no impact.


'*.debug @192.168.0.16' means server forward every logs in all category that have debug level to 192.168.0.16 ip address(QRadar).

  2) restart syslog service

<root@aix ># refresh -s syslogd

0513-095 The request for subsystem refresh was completed successfully.

'refresh -s' command is used to restart services.

2. Configure forwarding Linux syslog 

  1) modify syslog.conf file

<root@linux ># vi /etc/syslog.conf

## QRadar 
*.*        @192.168.0.16

Add this two line like AIX setting.

  2) restart syslog service

<root@linux ># /etc/init.d/syslog restart

Shutting down kernel logger: [  OK  ]
Shutting down system logger: [  OK  ]
Starting system logger: [  OK  ]
Starting kernel logger: [  OK  ]

'/etc/init.d' directory has service files.

And If you have RHEL based linux, you can use service command as below box.

<root@linux ># service syslog restart

Shutting down kernel logger: [  OK  ]
Shutting down system logger: [  OK  ]
Starting system logger: [  OK  ]
Starting kernel logger: [  OK  ]

3. Configure fording Solaris / HP-UX syslog 

  1) modify syslog.conf File

<root@uniux ># vi /etc/syslog.conf

## QRadar 
*.*        @192.168.0.16

  2) restart syslog service

<root@uniux ># kill -HUP `cat /etc/syslog.pid`

Now, most operating system can be collected syslog service.

IBM QRadar 3) Logs

Let me tell you about logs that be base on SIEM system.

There are two type Event log and and Flow log in logs.

Event log is known as usually we know, It includes system, application and other logs on our infrastructure.

For example, There are syslog, file or table in event log.

Another log is called as 'Flow', It is network traffic on our network structure.

We can know many information that how many packet was sanded or received packets.

Please read Wikipedia for more information about Flow.

Below table explains detail information of logs.













Table 1) Detail log information

Log Status means how save this log, it might be syslog, file, Database.

These logs are used for each purpose.

Syslog is used to record about every action on severs, network devices, security solutions.

You can think It is one of programs that be used in UNIX system.

Most devices support to use syslog, and simply Linux syslog write all actions on the /var/log/messages.

Syslog of each devices send logs, We can think syslog push logs to QRadar.






Image 1) Push and Poll logs

Pushing is real-time option for sending logs, but If QRadar had been down, syslog couldn't send logs to QRadar, logs are loss.

We can input logs to QRadar manually, it can't be perfect solution.

Syslog method is good to use for real-time and general purpose, It can't keep all logs.

I told you Syslog is usually used for OS / network device / security solution.

So, maybe there are other log types.

Typical log is 'file log'.

IIS / DB / Tomcat / Apache / etc are using file log for recording action.

For collecting file log, We have to use FTP protocol.

But someone don't want to use FTP.

If you don't want, You can use SFTP.

SFTP is enhanced file transfer protocol for security.

So let me say SFTP is better then FTP.

It is similar with now days most company restrict telnet connection.

Unfortunately QRadar don't support for collecting file logs real-time, because QRadar access log file for real-time, It makes performance slow.

So we have to interval time least 15 minute, QRadar collect repeat using schedule.

File log protocol can make sure collecting all logs.

After reboot QRadar, QRadar sync last log collected and original logs, It collect logs that be not collected log.

It have advantage and disadvantage the other way syslog.

File log has some rules.

When QRadar collect file logs, QRadar access log file.

So QRadar needs server's account and authentication.

This protocol can't be used like real-time collecting because QRadar access file, it has interval times.

The minimum time is 15 minute.

We can't set less time.

I said to you syslog is OS log, file log is application logs.
(It is general, Not only used)

So, What situation uses DB logs?

Usually, most of solutions use DB table log for managing historical data.

Simply speaking, If you have internet monitoring solution, this solution write who did use chatting services or messenger services.

Add to this, history of accessing some system will be written on DB, this type is core of log types.

To collect DB logs is needed JDBC(Java Databases Connectivity) for each DBMS.

QRadar basically supports Microsoft SQL Server, Oracle, DB2, Sybase and etc.

And other DBMS also can be collected by QRadar, it can't support all of DBMS.

Please see next posting if you want to know about flow.

Thanks.


Related Links

IBM QRadar 1) 개요
IBM QRadar 2) 주요 기능
IBM QRadar 3) 로그 유형 (2/2)

PostgreSQL - 모든 IP 원격 접속 허용

PostgreSQL은 IP를 기반으로 한 접근 제어를 통해 보안 증대 효과를 보고있습니다.

최초 설치시 localhost에서만 접근만을 허용하기 때문에 어떠한 원격 접속이 불가합니다.

때문에 우리가 사용하고 있는 IP를 허용해주는 설정이 필요합니다.

이 설정을 수행하지 않고 접속을 시도할 경우 아래와 같은 Error가 발생합니다.



1. pg_hba.conf file 수정

■ 하나의 IP / IP 대역 허용

<root@linux># vi /etc/postgresql/9.1/main/pg_hba.conf
host    all             all             192.168.0.0/24          md5

host    all             all             192.168.1.50/24           md5



위 설정은, 192.168.0.X/24 대역의 모든 User가 모든 DB에 접근이 가능하며, 192.168.1.50/24 IP의 모든 User가 모든 DB에 접근이 가능하다는 설정입니다.

참고로 /24는 Subnetmask 255.255.255.0을 의미합니다.
(255.255.255.0은 11111111.11111111.11111111.00000000이므로 24bit이기 때문입니다.)


■ 모든 IP / IP 대역 허용

위와 같이 설정할 경우, Access할 수 있는 IP를 일일히 입력해줘야 된다는 번거로움이 있습니다.

모든 IP를 허용하고자 할 경우, 아래 내용을 /etc/postgresql/9.1/main/pg_hba.conf에 추가해주시면 됩니다.

host    all             all             0.0.0.0/0           md5



2. Service restart

설정 값 변경을 적용시키기 위해 Service를 재시작합니다.

<root@linux># /etc/init.d/posgresql restart
 * Restarting PostgreSQL 9.1 database server                       [ OK ]



3. postgres.conf 수정

/etc/postgresql/9.1/main/postgresql.conf file을 열어, 'listen_address' 값을 변경합니다.

<root@linux># vi /etc/postgresql/9.1/main/postgresql.conf
 listen_addresses = '*'




4. PostgreSQL 원격지 접속


이제 원격을 통한 DB 접속이 가능해졌습니다.

Vormetric : Data Encryption Solution (2/2)

DB Server에 Vormetric Agent를 설치하게 되면, Vormetric Server에서 6하 원칙에 의한 접근 관리를 하게 됩니다.

누가(User), 언제(Time), 어디서(Directory), 무엇을(File), 어떻게(Process)에 따라 권한을 부여합니다.

예를들어, 'root에게 /oracle이라는 Directory의 Data를 Read / Write에 대한 암.복호화 할수 있게하지만 다른 모든 User는 암.복호화를 제외한 Read만 가능하게한다.'와 같은 Rule을 정의할 수 있습니다.

※ Policy Sample

위 Policy Sample을 차례대로 보겠습니다. (위에서 부터 아래로 우선 순위 정책입니다.)

Policy 1 : 매주 월요일 root가 cat 명령어를 사용하는 것에 대해 읽기 및 암.복호화 권한 부여

Policy 2 : 매주 토요일 user1의 모든 행위에 대해 읽기 및 암.복호화 권한 부여

Policy 3 : 나머지 요일의 경우 모든 행위에 대한 읽기 권한만 부여(암.복호화 불가능)

같은 사용자 계정을 사용한다고 하더라도, 명령어(Process)나 시간(When)에 따라 각기 다른 정책을 부여할 수 있습니다.

여러 가지 복잡한 설정들이 가능하겠지만 실제로는 사용자 계정에 따라 읽고 쓰기 / 암.복호화 권한을 주는 등의 설정이 주류를 이루겠지요. ^^

정책을 생성한 후 각 Host 마다 Guard Point를 지정해주어야합니다.

Guard Point란, Host 내에서 실제로 암호화할 구역을 설정하는 것입니다.

Host의 모든 File이 암호화되는 것이 아니기 때문에 Guard Point와 같은 개념이 필요합니다.

※ Guard Point

그림과 같이, 많은 Directory 중 암호화 할 대상(directory1, directory2)을 선정하여 Guard Point로 설정하게 되면 그 내부에 있는 모든 Data가 암호화되게 됩니다.

조금 더 상세하게 말씀드리면, Guard Point로 설정이 되고나면 File 생성, 이동 등의 행위에 의해 Directory 내로 귀속된 Data는 암호화되는 구조를 갖고 있습니다.

모든 OS 및 File System에 대해 위 기능을 지원하는 것이 아니므로, 사전 점검이 중요할 것으로 보입니다.

아래는 지원 가능한 OS 및 File System 범위이므로 참조하시라고 올립니다. ^^

이상 Vormetric에 대해 알아보았습니다.

감사합니다 !

※ Appendix. OS / File System 지원 범위

Vormetric : Data Encryption Solution (1/2)

안녕하세요.

이번에는 DB 암호화 Solution 중 하나인 Vormetric에 대하여 알아보겠습니다.

Vormetric은 개인정보보호법이 시행되면서 큰 각광을 받고 있는 암호화 Solution입니다.

개인정보보호법이 시행되면서 모든 기업은 개인 정보를 보호해야될 의무를 갖게 되었습니다.

개인정보보호법은 기술적 / 정책적 관리 수칙을 준수하도록 권고하는, 2011년 9월 30일에 시행된 법률입니다.

개인정보보호법 기술적 보호조치에서 필수적으로 수행해야 될 항목 중의 하나로, 개인정보를 포함하고 있는 DB를 암호화해야한다고 이야기하고 있습니다.

자, 그럼 Vormetric의 기본적인 개요를 살펴보겠습니다.


Vormetric에서 Data를 암호화하기 위해서는 암호화 대상 Server에 Agent를 설치해야합니다.

각 OS별 Agent가 별개로 존재하며, IBM AIX, HP-UX, Solaris, Linux, Windows를 지원합니다.

Vormetric에서는 이 모든 암호화 대상 System들을 'Host'라고 부르고있습니다.

Agent가 설치된 Host들은 Vormetric Server와 통신하며 암.복호화 Key를 갱신하고, 정책등을 Update하게 됩니다.

Data를 보호하기 위해 암호화할 대상 단위는 User Access, Directory, Volume Manager 등을 다양하게 지정할 수 있다는 장점이 있습니다.

Vormetric Capability를 소개하는 Image를 보시지요.


※ 출처 : 01-Vormetric Data Security v5 - Architectural Overview  - Q3 2012.pdf

DB를 암호화 할 경우, 암호화 Directory 생성 후 DB File을 넣게 되면 통째로 암호화 되기 때문에 Simple한 설정이 가장 큰 강점 중 하나라고 볼 수 있습니다.

DB File을 옮기는 방법 이외에도, Data가 들어있는 Directory 암호화 할 수 있는 DataXform 기능을 지원합니다.

해당 기능은 진행 중 취소하게 될 경우 Data 복호화가 불가능한 상황에 처할 수 있기 때문에 안정성을 위해 잘 사용되어지지는 않는다고 합니다.

암호화를 위해 사용되는 Algorithm으로는 AES128, AES256, ARIA128, ARIA258, 3DES 등이 있습니다.

보안 증대를 위해 더 복잡한 Algorithm을 사용하면 Performance 측면의 문제가 발생한다는 것은 기본적으로 예상할 수 있는 Risk겠지요...

암.복호화는 위 Algorithm에 의해 생성된 Key를 통해 진행됩니다.

다른 암호화 Solution과 마찬가지로, Key가 없을 경우 암.복호화 과정이 불가능해집니다.

때문에 Key 보관 정책을 어떻게 할 것인가를 고민해 보아야합니다.

Vormetric은 Key의 위치를 지정할 수 있는 세 가지 Option을 제공합니다.

  1) Stored on Server
Vormetric Server에서만 Key를 관리도록 설정하는 Option입니다.

※ Stored on Server 

암호화 대상 Host의 RAM에 Key를 저장한 후 암.복호화를 수행하지만, 대상 Host가 재부팅 될 경우 RAM에 저장되어 있던 Key는 소멸됩니다.

재부팅이 완료된 후 Host와 Vormetric Server의 통신을 통해 Key를 다시 부여받지만, 이 때 서로 간에 통신을 하지 못할 경우 Key를 적재하지 못하는 상태가 되며, 암.복호화를 진행할 수 없습니다.

통신 단절시 암.복호화를 할 수 없다는 단점때문에 많이 사용되지는 않습니다.

  2) Cached on Host
Vormetric을 통한 Data I/O가 일어날 때 I/O에 Key를 추가하여 저장을 합니다.

Stored on Server와 다른 점은 Agent DB Host에서 Key를 관리하게 됩니다.

때문에 Agent DB Server 재부팅 이후 Key가 소멸된 상태에서 Vormetric 서버와 Agent DB Host의 통신이 단절되더라도 자체적으로 Key를 복구할 수 있는 vmsecpasswd 기능이 있습니다.

※ Cached on Host


이 설정은 모든 Host가 동일한 키를 갖고 있기 때문에, 서로간의 I/O가 발생할 때 암.복호화를 할 수 있다는 특징이 있습니다.

 ※ 각 Host 간의 암.복호화 가능

때에 따라서 장점이 될수도, 혹 단점이 될 수도 있는 부분입니다.

  3) Cached on Host + Unique to Host
2) Cached on Host 설정과 동일한 역할을 하고있지만, 각 Agent Host가 갖고 있는 Key 값이 다르기 때문에 서로간의 암.복호화를 할 수 없다는 특징을 갖습니다.

 ※ 각 Host 간의 암.복호화 불가능

위 세 가지 설정에서 볼 수 있는 것 처럼, Stored on Server는 장애 상황에 대한 대응을 원활히 할 수 없다는 단점 때문에 잘 쓰여지지 않습니다.

Cached on Host 기능을 활용할 시 Server의 상태와 관련없이 암.복호화를 할 수 있다는 점은 상당한 장점으로 보여지네요.

지금까지 Vormetric의 간단한 설명 및 Key 관리 방식에 대해 알아보았습니다.

다음 Posting에서는 정책에 대해 조금 더 자세하게 언급하도록 하겠습니다.

Linux : RHEL(Redhat Enterprise Linux) Network Bonding 설정

RHEL 기반 Linux OS에서 NIC를 Bonding하는 방법입니다.

그대로 따라해주시면 됩니다.

1. bond0 설정 File 생성

<root @ linux ~># vi /etc/sysconfig/network-script/ifcfg-bond0
DEVICE=bond0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.10
NETMASK=255.255.255.0
NETWORK=192.168.0.1
:wq

Bonding device configuration file 생성입니다.

각 Option은 보시다시피 특별한 것은 없고, DEVICE 이름만 잘 정의해주시면 됩니다.

2. Bonding을 할 NIC 설정 변경

<root @ linux ~># vi /etc/sysconfig/network-script/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
HWADDR=00:0c:29:AC:7c:4c
MASTER=bond0
SLAVE=yes
:wq

<root @ linux ~># vi /etc/sysconfig/network-script/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
HWADDR=00:0c:29:AC:7c:4c
MASTER=bond0
SLAVE=yes
:wq

Bonding으로 묶을 두 개의 NIC 설정입니다.

MASTER 값을 bond0 device 이름으로 지정하고, SLAVE 값을 yes로 설정해주시면 됩니다.

3. 대표 Network 정보 수정

<root @ linux ~># vi /etc/sysconfig/network
GATEWAY=192.168.0.1
HOSTNAME=linux
NETWORKING=yes
NOZEROCONF=yes

GATEDEV=bond0
:wq

/etc/sysconfig/network file을 열어 'GATEDEV=bond0'라는 값을 추가합니다.

위 설정은 Active하게 사용할 Network card 정보를 정의하기 위함입니다.

여기까지만 완료해도 정상적으로 Bonding이 완료되었습니다만, 여러가지 Bonding mode가 있기 때문에 계속해서 살펴보겠습니다.

4. Module 값 수정

Bonding mode를 변경하기 위해 Module을 수정하겠습니다.

/etc/modprobe.conf file을 열어 아래의 내용을 추가합니다.

<root @ linux ~># vi /etc/modprobe.conf
alias ipv6 off
option ipv6 disable=1

## bonding ##
alias bond0 bonding
option bonding mode=1
option bonding miimon=100

## bonding ## 아래 부분을 추가해주시면 됩니다.

Bonding mode는 총 5가지가 있으며, 자세한 사항은 아래를 참조해주세요.

Mode 0 : Balanced Round-Robin : 2개의 NIC를 통해 트래픽 분배

Mode 1 : Active-Standby : Active NIC 작동 중 Fault가 발생할 경우 Standby NIC로 take-over


Mode 2 : Balance-XOR : XOR 연산을 통해 MAC 기반 분배


Mode 3 : Broadcast : 무작위 통신


Mode 4 : 802.3ad : Switch aggregation 설정 필요


이상입니다.

Bonding 구성 후 장애 복구 Test는 다음 시간에. ^^

Oracle : ORA-12516: TNS:리스너가 프로토콜 스택과 일치하는 처리기를 찾을 수 없습니다.

Problem
ORA-12516: TNS:리스너가 프로토콜 스택과 일치하는 처리기를 찾을 수 없습니다.

Cause
Oracle DB를 이동하여 Application을 가동하다 보면 위와 같은 Message와 마주칠 수 있습니다.

이는 동시 처리 가능한 Processes parameter 값을 초과했기 때문에 더 이상 Session을 연결할 수 없다는 message입니다.

Resolution
Processes parameter 값을 변경해주면 됩니다.

1. Oracle에 접속합니다.

<oracle @ oracle ~># sqlplus / as sysdba


2. Processes parameter 값을 확인합니다.

  1) show parameter를 이용하는 방법

SQL > show parameter processes;

NAME                                   TYPE     VALUE
-------------------------------------------------
aq_tm_processes               integer      1
db_writer_processes           integer      1
job_queue_processes          integer     10
log_archive_max_processes  integer      2
processes                          integer    150

  * 현재 동시 처리 가능한 Processes 값은 150입니다.

  2) select 문을 사용하는 방법

SQL > select * from v$resource_limit

RESOURCE_NAME CURRENT_UTILIZATION MAX_UTILIZATION INITIAL_ALLOCATION LIMIT_VALUE
processes 119 150        150        150
sessions 76 166        256        256
enqueue_locks 90 256       3350       3350
enqueue_resources 48 145       1344  UNLIMITED
ges_procs 0 0          0          0
ges_ress 0 0          0  UNLIMITED
ges_locks 0 0          0  UNLIMITED
ges_cache_ress           0 0          0  UNLIMITED
ges_reg_msgs 0 0          0  UNLIMITED
ges_big_msgs 0 0          0  UNLIMITED
ges_rsv_msgs           0 0          0          0
gcs_resources           0 0          0          0
gcs_shadows 0 0          0          0
dml_locks               2 2       1124  UNLIMITED
temporary_table_locks 0 111  UNLIMITED  UNLIMITED
transactions 1 1        281  UNLIMITED
branches 0 0        281  UNLIMITED
cmtcallbk 0 10        281  UNLIMITED
max_rollback_segments 12 36        281      65535



  * 첫 번째 줄의 processes에서 가장 오른쪽이 Limit 값입니다.

3. Processes parameter 변경

SQL > alter system set processes = 500 scope = spfile;
System Altered.


동시에 처리 가능한 Process의 숫자를 500개로 증가시켰습니다.

4. DB 재시작

SQL > shutdown immediate

Database closed.
Database dismounted.
Oracle instance shut down.

SQL > shutdown immediate

ORACLE instance started.

Total System Global Area 219223120 bytes
Fixed Size 451664 bytes
Variable Size 201326592 bytes
Database Buffers 16777216 bytes
Redo Buffers 667648 bytes
Database mounted.
Database opened.

설정 값 적용을 위해 DB를 재시작합니다.


5. 설정 적용 확인

2번에서 알려드린 QUERY 문으로 확인하시면 설정이 변경 된 것을 알 수 있습니다.

- 끝 -

AIX Error Code

AIX Error Code입니다.

Diagnostic Load Progress Indicators  Top of page  
        c00 AIX Install/Maintenance loaded successfully.
        c01 Insert the first diagnostic diskette.
        c02 Diskettes inserted out of sequence.
        c03 The wrong diskette is in diskette drive.
        c04 The loading stopped with an irrecoverable error.
        c05 A diskette error occurred.
        c06 The rc.boot configuration shell script is unable to determine type of boot.
        c07 Insert the next diagnostic diskette.
        c08 RAM file system started incorrectly.
        c09 The diskette drive is reading or writing a diskette.
        c20 An unexpected halt occurred, and the system is configured  to enter the kernel debug program instead of entering a ystem dump.
        c21 The ifconfig command was unable to configure the network for the client network host.
        c22 The tftp command was unable to read client's ClientHostName info file during a client network boot.
        c24 Unable to read client's ClientHostName.info file during a client network boot.
        c25 Client did not mount remote miniroot during network install.
        c26 Client did not mount the /usr file system during the network boot.
        c29 The system was unable to configure the network device.
        c31 Select the console display for the diagnostics. To select No console display, set the key mode switch to Normal then to Service.
               The diagnostic programs then load and run the diagnostics automatically. If you continue to get the message, check the cables and make sure you are using the serial port.
        c32 A directly attached display (HFT) was selected.
        c33 A TTY terminal attached to serial ports S1 or S2 was selected.
        c34 A file was selected. The console messages store in a file.
        c35 No console found.
        c40 Configuration files are being restored.
        c41 Could not determine the boot type or device.
        c42 Extracting data files from diskette.
        c43 Cannot access the boot/install tape.
        c44 Initializing installation database with target disk information.
        c45 Cannot configure the console.
        c46 Normal installation processing.
        c47 Could not create a physical volume identifier (PVID) on disk.
        c48 Prompting you for input.
        c49 Could not create or form the JFS log.
        c50 Creating root volume group on target disks.
        c51 No paging devices were found.
        c52 Changing from RAM environment to disk environment.
        c53 Not enough space in the /tmp directory to do a preservation installation.
        c54 Installing either BOS or additional packages.
        c55 Could not remove the specified logical volume in a preservation installation.
        c56 Running user-defined customization.
        c57 Failure to restore BOS.
        c58 Displaying message to turn the key.
        c59 Could not copy either device special files, device ODM, or volume group information from RAM to disk.
        c61 Failed to create the boot image.
        c62 Loading platform dependent debug files.
        c63 Loading platform dependent data files.
        c64 Failed to load platform dependent data files.
        c70 Problem Mounting diagnostic CD-ROM disc.
        c99 Diagnostics have completed. This code is only used when there is no console.
        Fxx (xx is any number) Refer to Firmware chapter of the service manual.

Dump Progress Indicators (Dump Status Codes)        0c0 The dump completed successfully.
        0c1 The dump failed due to an I/O error.
        0c2 A dump, requested by the user, is started.
        0c3 The dump is inhibited.
        0c4 The dump device is not large enough.
        0c5 The dump did not start, or the dump crashed.
        0c6 Dumping to a secondary dump device.
        0c7 Reserved.
        0c8 The dump function is disabled.
        0c9 A dump is in progress.
        0cc Unknown dump failure
 
 
Crash Codes
Category 1
  Dump analysis is  the appropriate  first action  in Problem Determination,  begin the  Problem Determination  process with software support.
       
Category 2
  Dump analysis most likely will not aid in Problem Determination, begin the Problem Determination process with hardware support.
       
Category 3
  Both software and hardware support may be needed  in Problem Determination, go to MAP 0070:
  888  Sequence in Operator Panel Display in Diagnostic Information for Multiple Bus Systemsto assist in problem isolation.
        Category 1
                300 Data storage interrupt from the processor.
                32x Data storage interrupt because of an I/O exception from IOCC.
                38x Data storage interrupt because of an I/O exception from SLA.
                400 Instruction storage interrupt.
                700 Program interrupt.
       
        Category 2
                200 Machine check because of a memory bus error.
                201 Machine check because of a memory timeout.
                202 Machine check because of a memory card failure.
                203 Machine check because of a out of range address.
                204 Machine check because of an attempt to write to ROS.
                205 Machine check because of an uncorrectable address parity.
                206 Machine check because of an uncorrectable ECC error.
                207 Machine check because of an unidentified error.
                208 Machine check due to an L2 uncorrectable ECC.
                500 External interrupt because of a scrub memory bus error.
                501 External interrupt because of an unidentified error.
                51x External interrupt because of a DMA memory bus error.
                52x External interrupt because of an IOCC channel check.
                53x External interrupt from an IOCC bus timeout; x represents the IOCC number.
                54x External interrupt because of an IOCC keyboard check.
                800 Floating point is not available.
        Category 3
                000 Unexpected system interrupt.
                558 There is not enough memory to continue the IPL.
                600 AIX 4.3.3.3 and above: Alignment Interrupt.
                    If pre-AIX 4.3.3.3: AIX has crashed because the Portability Assist Layer (PAL) for this
                    machine type has detected a problem.
                605 AIX has crashed because the Portability Assist Layer (PAL) for this
                    machine type has detected a problem (AIX 4.3.3.3 and above). 

Configuration Program Indicators        2E6 The PCI Differential Ultra SCSI adapter or the Universal PCI Differential Ultra SCSI adapter being configured.
        2E7 Configuration method unable to determine if the SCSI adapter type is SE or DE type.
        440 9.1GB Ultra SCSI Disk Drive being identified or configured.
        441 18.2GB Ultra SCSI Disk Drive being identified or configured.
        444 2-Port Multiprotocol PCI Adapter (ASIC) being identified or configured.
        447 PCI 64-bit Fibre Channel Arbitrated Loop Adapter being configured.
        500 Querying Standard I/O slot.
        501 Querying card in Slot 1.
        502 Querying card in Slot 2.
        503 Querying card in Slot 3.
        504 Querying card in Slot 4.
        505 Querying card in Slot 5.
        506 Querying card in Slot 6.
        507 Querying card in Slot 7.
        508 Querying card in Slot 8.
        510 Starting device configuration.
        511 Device configuration completed.
        512 Restoring device configuration files from media.
        513 Restoring basic operating system installation files from media.
        516 Contacting server during network boot.
        517 Mounting client remote file system during network IPL.
        518 Remote mount of the root (/) and /usr file systems failed during network boot.
        520 Bus configuration running.
        521 /etc/init invoked cfgmgr with invalid options;
            /etc/inithas been corrupted or incorrectly modified (irrecoverable error).
        522 The configuration manager has been invoked with conflicting options (irrecoverable error).
        523 The configuration manager is unable to access the ODM database (irrecoverable error).
        524 The configuration manager is unable to access the config.rules object in the ODM database
        525 The configuration manager is unable to get data from a customized device object in the ODM database
        526 The configuration manager is unable to get data from a customized device driver object in the ODM database
        527 The configuration manager was invoked with the phase 1 flag; running phase 1 at this point is not permitted
        528 The configuration manager cannot find sequence rule, or no program name was specified in the ODM database
        529 The configuration manager is unable to update ODM data (irrecoverable error).
        530 The program savebase returned an error.
        531 The configuration manager is unable to access the PdAt object class (irrecoverable error).
        532 There is not enough memory to continue (malloc failure); irrecoverable error.
        533 The configuration manager could not find a configuration method for a device.
        534 The configuration manager is unable to acquire database lock (irrecoverable error).
        535 HIPPI diagnostics interface driver being configured.
        536 The configuration manager encountered more than one sequence rule specified in the same phase
        537 The configuration manager encountered an error when invoking the program in the sequence rule.
        538 The configuration manager is going to invoke a configuration method.
        539 The configuration method has terminated, and control has returned to the configuration manager.
        541 A DLT tape device is being configured.
        549 Console could not be configured for the Copy a System Dump Menu.
        551 IPL vary-on is running.
        552 IPL vary-on failed.
        553 IPL phase 1 is complete.
        554 The boot device could not be opened or read, or unable to define NFS swap device during network boot.
        555 An ODM error occurred when trying to vary-on the rootvg, or unable to create an NFS swap device during network boot.
        556 Logical Volume Manager encountered error during IPL vary-on.
        557 The root filesystem does not mount.
        558 There is not enough memory to continue the system IPL.
        559 Less than 2 M bytes of good memory are available to load the AIX kernel.
        569 FCS SCSI protocol device is being configured (32 bits).
        570 Virtual SCSI devices being configured.
        571 HIPPI common function device driver being configured.
        572 HIPPI IPI-3 master transport driver being configured.
        573 HIPPI IPI-3 slave transport driver being configured.
        574 HIPPI IPI-3 transport services user interface device driver being configured.
        575 A 9570 disk-array driver being configured.
        576 Generic async device driver being configured.
        577 Generic SCSI device driver being configured.
        578 Generic commo device driver being configured.
        579 Device driver being configured for a generic device.
        580 HIPPI TCPIP network interface driver being configured.
        581 Configuring TCP/IP.
        582 Configuring Token-Ring data link control.
        583 Configuring an Ethernet data link control.
        584 Configuring an IEEE Ethernet data link control.
        585 Configuring an SDLC MPQP data link control.
        586 Configuring a QLLC X.25 data link control.
        587 Configuring a NETBIOS.
        588 Configuring a Bisync Read-Write (BSCRW).
        589 SCSI target mode device being configured.
        590 Diskless remote paging device being configured.
        591 Configuring an LVM device driver.
        592 Configuring an HFT device driver.
        593 Configuring SNA device drivers.
        594 Asynchronous I/O being defined or configured.
        595 X.31 pseudo-device being configured.
        596 SNA DLC/LAPE pseudo-device being configured.
        597 OCS software being configured.
        598 OCS hosts being configured during system reboot.
        599 Configuring FDDI data link control.
        59B FCS SCSI protocol device being configured (64 bits).
        5C0 Streams-based hardware drive being configured.
        5C1 Streams-based X.25 protocol being configured.
        5C2 Streams-based X.25 COMIO emulator driver being configured
        5C3 Streams-based X.25 TCP/IP interface driver being configured.
        5C4 FCS adapter device driver being configured.
        5C5 SCB network device driver for FCS being configured.
        5C6 AIX SNA channel being configured.
        600 Starting network boot portion of /sbin/rc.boot.
        602 Configuring network parent devices.
        603 /usr/lib/methods/defsys, /usr/lib/methods/cfgsys, or /usr/lib/methods/cfgbus failed.
        604 Configuring physical network boot device.
        605 Configuration of physical network boot device failed.
        606 Running /usr/sbin/ifconfig on logical network boot device.
        607 /usr/sbin/ifconfig failed.
        608 Attempting to retrieve the client.info file with tftp.Note that a flashing 608 indicates multiple attempt(s)
            to etriever the client_info file are occurring.
        609 The client.info file does not exist or it is zero length.
        60B 18.2GB 68-pin LVD SCSI Disk Drive being configured.
        610 Attempting remote mount of NFS file system.
        611 Remote mount of the NFS file system failed.
        612 Accessing remote files; unconfiguring network boot device.
        614 Configuring local paging devices.
        615 Configuration of a local paging device failed.
        616 Converting from diskless to dataless configuration.
        617 Diskless to dataless configuration failed.
        618 Configuring remote (NFS) paging devices.
        619 Configuration of a remote (NFS) paging device failed.
        61B 36.4GB 80-pin LVD SCSI Disk Drive being configured.
        61D 36.4GB 80-pin LVD SCSI Disk Drive being configured.
        61E 18.2GB 68-pin LVD SCSI Disk Drive being configured.
        620 Updating special device files and ODM in permanent filesystem with data from boot RAM filesystem.
        621 9.1 GB LVD 80-pin SCSI Drive being configured.
        622 Boot process configuring for operating system installation.
        62D 9.1GB 68-pin LVD SCSI Disk Drive being configured.
        62E 9.1GB 68-pin LVD SCSI Disk Drive being configured.
        636 TURBROWAYS 622 Mbps PCI MMF ATM Adapter.
        637 Dual Channel PCI-2 Ultra2 SCSI Adapter being configured.
        638 4.5GB Ultra SCSI Single Ended Disk Drive being configured.
        639 9.1GB 10K RPM Ultra SCSI Disk Drive (68-pin).
        63A See 62D.
        63B 9.1GB 80-pin LVD SCSI Disk Drive being configured.
        63C See 60B.
        63D 18.2GB 80-pin LVD SCSI Disk Drive being configured.
        63E 36.4GB 68-pin LVD SCSI Disk Drive being configured.
        63F See 61B.
        640 9.1GB 10K RPM Ultra SCSI Disk Drive (80-pin).
        646 High-Speed Token-Ring PCI Adapter being configured.
        64A See 62E.
        64B 9.1GB 80-pin LVD SCSI Disk Drive being configured.
        64C See 61E.
        64D 18.2 GB LVD 80-pin Drive/Carrier being configured.
        64E 36.4GB 68-pin LVD SCSI Disk Drive being configured.
        64F See 61D.
        650 IBM SCSD disk drive being configured.
        653 18.2GB Ultra-SCSI 16-bit Disk Drive being configured.
        655 GXT130P Graphics adapter being configured.
        657 GXT2000P graphics adapter being configured.
        658 PCI Fibre Channel Disk Subsystem Controller being identified or configured.
        659 2102 Fibre Channel Disk Subsystem Controller Drawer being identified or configured.
        660 2102 Fibre Channel Disk Array being identified or configured.
        662 Ultra2 Integrated SCSI controller.
        663 The ARTIC960RxD Digital Trunk Quad PCI Adapter or the ARTIC960RxF Digital Trunk Resource Adapter being configured.
        664 32x (MAX) SCSI-2 CD-ROM drive being configured.
        667 PCI 3-Channel Ultra2 SCSI RAID Adapter being configured.
        669 PCI Gigabit Ethernet Adapter being configured.
        66C 10/100/1000 Base-T EthernetPCI Adapter.
        66D PCI 4-Channel Ultra-3 SCSI RAID Adapter.
        66E 4.7 GB DVD-RAM drive.
        674 ESCON(R) Channel PCI Adapter being configured.
        677 PCI 32-bit Fibre Channel Arbitrated Loop Adapter being configured.
        67B PCI Cryptographic Coprocessor being configured.
        682 20x (MAX) SCSI-2 CD-ROM Drive being configured.
        689 4.5GB Ultra SCSI Single Ended Disk Drive being configured.
        68C 20 GB 4-mm Tape Drive being configured.
        68E POWER GXT6000P PCI Graphics Adapter.
        690 9.1GB Ultra SCSI Single Ended Disk Drive being configured.
        69b 64-bit/66MHz PCI ATM 155 MMF PCI adapter being configured.
        69d 64-bit/66MHz PCI ATM 155 UTP PCI adapter being configured.
        6CC SSA disk drive being configured.
        700 A 1.1 GB 8-bit SCSI disk drive being identified or configured.
        701 A 1.1 GB 16-bit SCSI disk drive being identified or configured.
        702 A 1.1 GB 16-bit differential SCSI disk drive being identified or configured.
        703 A 2.2 GB 8-bit SCSI disk drive being identified or configured.
        704 A 2.2 GB 16-bit SCSI disk drive being identified or configured.
        705 The configuration method for the 2.2 GB 16-bit differential SCSI disk drive is being run.
            If an irrecoverable error occurs, the system halts.
        706 A 4.5 GB 16-bit SCSI disk drive being identified or configured.
        707 A 4.5 GB 16-bit differential SCSI disk drive being identified or configured.
        708 A L2 cache being identified or configured.
        710 POWER GXT150M graphics adapter being identified or configured.
        711 Unknown adapter being identified or configured.
        712 Graphics slot bus configuration is executing.
        713 The IBM ARTIC960 device being configured.
        714 A video capture adapter being configured.
        715 The Ultramedia Services audio adapter being configured. (this number displays briefly on the panel).
        717 TP Ethernet Adapter being configured.
        718 GXT500 Graphics Adapter being configured.
        720 Unknown read/write optical drive type being configured.
        721 Unknown disk or SCSI device being identified or configured.
        722 Unknown disk being identified or configured.
        723 Unknown CD-ROM being identified or configured.
        724 Unknown tape drive being identified or configured.
        725 Unknown display adapter being identified or configured.
        726 Unknown input device being identified or configured.
        727 Unknown async device being identified or configured.
        728 Parallel printer being identified or configured.
        729 Unknown parallel device being identified or configured.
        730 Unknown diskette drive being identified or configured.
        731 PTY being identified or configured.
        732 Unknown SCSI initiator type being configured.
        733 7GB 8 mm tape drive being configured.
        734 4x SCSI-2 640 MB CD-ROM Drive being configured.
        736 Quiet Touch keyboard and speaker cable being configured.
        741 1080 MB SCSI Disk Drive being configured.
        745 16GB 4 mm Tape Auto Loader being configured.
        746 SCSI-2 Fast/Wide PCI Adapter being configured.
        747 SCSI-2 Differential Fast/Wide PCI Adapter being configured.
        749 7331 Model 205 Tape Library being configured.
        751 SCSI 32-bit SE F/W RAID Adapter being configured.
        754 1.1GB 16-bit SCSI disk drive being configured.
        755 2.2GB 16-bit SCSI disk drive being configured.
        756 4.5GB 16-bit SCSI disk drive being configured.
        757 External 13GB 1.5M/s 1/4 inch tape being configured.
        763 SP Switch MX Adapter being configured.
        764 SP System Attachment Adapter being configured.
        772 4.5GB SCSI F/W Disk Drive being configured.
        773 9.1GB SCSI F/W Disk Drive being configured.
        774 9.1GB External SCSI Disk Drive being configured.
        776 PCI Token-Ring Adapter being identified or configured.
        777 10/100 Ethernet Tx PCI Adapter being identified or configured.
        778 POWER GXT3000P 3D PCI Graphics adapter being configured.
        77B 4-Port 10/100 Ethernet Tx PCI Adapter being identified or configured.
        77c A 1.0 GB 16-bit SCSI disk drive being identified or configured.
        783 4 mm DDS-2 Tape Autoloader being configured.
        789 2.6 GB External Optical Drive being configured.
        78B POWER GXT4000P PCI Graphics Adapter.
        78C PCI bus configuration executing.
        78D GXT300P 2D Graphics adapter being configured.
        790 Multi-bus Integrated Ethernet Adapter being identified or configured.
        797 TURBOWAYS(R) 155 UTP/STP ATM Adapter being identified or configured.
        798 Video streamer adapter being identified or configured.
        799 2-Port Multiprotocol PCI adapter being identified or configured.
        79c ISA bus configuration executing.
        7C0 CPU/System Interface being configured.
        7C1 Business Audio Subsystem being identified or configured.
        7cc PCMCIA bus configuration executing.
        800 TURBOWAYS 155 MMF ATM Adapter being identified or configured.
        803 7336 Tape Library robotics being configured.
        804 8x Speed SCSI-2 CD-ROM Drive being configured.
        806 POWER GXT800 PCI Graphics adapter being configured.
        807 SCSI Device Enclosure being configured.
        80c SSA 4-Port Adapter being identified or configured.
        811 Processor complex being identified or configured.
        812 Memory being identified or configured.
        813 Battery for time-of-day, NVRAM, and so on being identified or configured
            or system I/O control logic being identified or configured.
        814 NVRAM being identified or configured.
        815 Floating-point processor test.
        816 Operator panel logic being identified or configured.
        817 Time-of-day logic being identified or configured.
        819 Graphics input device adapter being identified or configured.
        821 Standard keyboard adapter being identified or configured.
        823 Standard mouse adapter being identified or configured.
        824 Standard tablet adapter being identified or configured.
        825 Standard speaker adapter being identified or configured.
        826 Serial Port 1 adapter being identified or configured.
        827 Parallel port adapter being identified or configured.
        828 Standard diskette adapter being identified or configured.
        831 3151 adapter being identified or configured, or Serial Port 2 being identified or configured.
        834 64-port async controller being identified or configured.
        835 16-port async concentrator being identified or configured.
        836 128-port async controller being identified or configured.
        837 16-port remote async node being identified or configured.
        838 Network Terminal Accelerator Adapter being identified or configured.
        839 7318 Serial Communications Server being configured.
        840 PCI Single-Ended Ultra SCSI Adapter being configured.
        841 8-port async adapter (EIA-232) being identified or configured.
        842 8-port async adapter (EIA-422A) being identified or configured.
        843 8-port async adapter (MIL-STD 188) being identified or configured.
        844 7135 RAIDiant Array disk drive subsystem controller being identified or configured.
        845 7135 RAIDiant Array disk drive subsystem drawer being identified or configured.
        846 RAIDiant Array SCSI 1.3GB Disk Drive being configured.
        847 16-port serial adapter (EIA-232) being identified or configured.
        848 16-port serial adapter (EIA-422) being identified or configured.
        849 X.25 Interface Coprocessor/2 adapter being identified or configured.
        850 Token-Ring network adapter being identified or configured.
        851 T1/J1 Portmaster(R) adapter being identified or configured.
        852 Ethernet adapter being identified or configured.
        854 3270 Host Connection Program/6000 connection being identified or configured.
        855 Portmaster Adapter/A being identified or configured.
        857 FSLA adapter being identified or configured.
        858 5085/5086/5088 adapter being identified or configured.
        859 FDDI adapter being identified or configured.
        85c Token-Ring High-Performance LAN adapter being identified or configured.
        861 Optical adapter being identified or configured.
        862 Block Multiplexer Channel Adapter being identified or configured.
        865 ESCON Channel Adapter or emulator being identified or configured.
        866 SCSI adapter being identified or configured.
        867 Async expansion adapter being identified or configured.
        868 SCSI adapter being identified or configured.
        869 SCSI adapter being identified or configured.
        870 Serial disk drive adapter being identified or configured.
        871 Graphics subsystem adapter being identified or configured.
        872 Grayscale graphics adapter being identified or configured.
        874 Color graphics adapter being identified or configured.
        875 Vendor generic communication adapter being configured.
        876 8-bit color graphics processor being identified or configured.
        877 POWER Gt3(TM)/POWER Gt4(TM) being identified or configured.
        878 POWER Gt4 graphics processor card being configured.
        879 24-bit color graphics card, MEV2 being configured.
        880 POWER Gt1(TM) adapter being identified or configured.
        887 Integrated Ethernet adapter being identified or configured.
        889 SCSI adapter being identified or configured.
        890 SCSI-2 Differential Fast/Wide and Single-Ended Fast/Wide Adapter/A being configured.
        891 Vendor SCSI adapter being identified or configured.
        892 Vendor display adapter being identified or configured.
        893 Vendor LAN adapter being identified or configured.
        894 Vendor async/communications adapter being identified or configured.
        895 Vendor IEEE 488 adapter being identified or configured.
        896 Vendor VME bus adapter being identified or configured.
        897 S/370(TM) Channel Emulator adapter being identified or configured.
        898 POWER Gt1x(TM) graphics adapter being identified or configured.
        899 3490 attached tape drive being identified or configured.
        89c A multimedia SCSI CD-ROM being identified or configured.
        900 GXT110P Graphics Adapter being identified or configured.
        901 Vendor SCSI device being identified or configured.
        902 Vendor display device being identified or configured.
        903 Vendor async device being identified or configured.
        904 Vendor parallel device being identified or configured.
        905 Vendor other device being identified or configured.
        908 POWER GXT1000 Graphics subsystem being identified or configured.
        910 1/4GB Fiber Channel/266 Standard Adapter being identified or configured.
        911 Fiber Channel/1063 Adapter Short Wave being configured.
        912 2.0GB SCSI-2 differential disk drive being identified or configured.
        913 1.0GB differential disk drive being identified or configured.
        914 5GB 8 mm differential tape drive being identified or configured.
        915 4GB 4 mm tape drive being identified or configured.
        916 Non-SCSI vendor tape adapter being identified or configured.
        917 A 2.0 GB 16-bit differential SCSI disk drive being identified or configured.
        918 A 2 GB 16-bit single-ended SCSI disk drive being identified or configured.
        920 Bridge Box being identified or configured.
        921 101 keyboard being identified or configured.
        922 102 keyboard being identified or configured.
        923 Kanji keyboard being identified or configured.
        924 Two-button mouse being identified or configured.
        925 Three-button mouse being identified or configured.
        926 5083 tablet being identified or configured.
        927 5083 tablet being identified or configured.
        928 Standard speaker being identified or configured.
        929 Dials being identified or configured.
        930 Lighted program function keys (LPFK) being identified or configured.
        931 IP router being identified or configured.
        933 Async planar being identified or configured.
        934 Async expansion drawer being identified or configured.
        935 3.5-inch diskette drive being identified or configured.
        936 5.25-inch diskette drive being identified or configured.
        937 An HIPPI adapter being configured.
        938 Serial HIPPI PCI adapter being configured.
        942 POWER GXT 100 graphics adapter being identified or configured.
        943 A 3480 or 3490 control unit attached to a System/370 Channel Emulator/A adapter are being identified or configured.
        944 100MB ATM adapter being identified or configured.
        945 1.0GB SCSI differential disk drive being identified or configured.
        946 Serial port 3 adapter being identified or configured.
        947 A 730MB SCSI disk drive being configured.
        948 Portable disk drive being identified or configured.
        949 Unknown direct bus-attach device being identified or configured.
        950 Missing SCSI device being identified or configured.
        951 670MB SCSI disk drive being identified or configured.
        952 355MB SCSI disk drive being identified or configured.
        953 320MB SCSI disk drive being identified or configured.
        954 400MB SCSI disk drive being identified or configured.
        955 857MB SCSI disk drive being identified or configured.
        956 670MB SCSI disk drive electronics card being identified or configured.
        957 120 MB DBA disk drive being identified or configured.
        958 160 MB DBA disk drive being identified or configured.
        959 160 MB SCSI disk drive being identified or configured.
        960 1.37GB SCSI disk drive being identified or configured.
        964 Internal 20 GB 8 mm tape drive identified or configured.
        968 1.0 GB SCSI disk drive being identified or configured.
        970 Half-inch, 9-track tape drive being identified or configured.
        971 150 MB 1/4-inch tape drive being identified or configured.
        972 2.3 GB 8 mm SCSI tape drive being identified or configured.
        973 Other SCSI tape drive being identified or configured.
        974 CD-ROM drive being identified or configured.
        975 An optical disk drive being identified or configured.
        977 M-Audio Capture and Playback Adapter being identified or configured.
        981 540MB SCSI-2 single-ended disk drive being identified or configured.
        984 1GB 8-bit disk drive being identified or configured.
        985 M-Video Capture Adapter being identified or configured.
        986 2.4GB SCSI disk drive being identified or configured.
        987 An Enhanced SCSI CD-ROM drive being identified or configured.
        989 200MB SCSI disk drive being identified or configured.
        990 2.0GB SCSI-2 single-ended disk drive being identified or configured.
        991 525MB 1/4-inch cartridge tape drive being identified or configured.
        994 5 GB 8 mm tape drive being identified or configured.
        995 1.2GB 1/4 inch cartridge tape drive being identified or configured.
        996 A single-port, multiprotocol communications adapter being identified or configured.
        997 FDDI adapter being identified or configured.
        998 2.0 GB 4 mm tape drive being identified or configured.
        999 7137 or 3514 Disk Array Subsystem being configured.
        D46 Token-Ring cable
        D81 T2 Ethernet Adapter being configured.
        2530 10/100 Mbps Ethernet PCI Adapter II being configured.