Context Navigation

← Previous Revision
Next Revision →
Normal
Revision Log

eventlogadm.8.xml

Visit:

Last change on this file was 862, checked in by Silvan Scherrer, 11 years ago
Samba Server: update trunk to 3.6.23
File size: 7.5 KB

Rev	Line
[862]	1	<?xml version="1.0" encoding="iso-8859-1"?>
	2	<!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
	3	<refentry id="eventlogadm.8">
	4
	5	<refmeta>
	6	<refentrytitle>eventlogadm</refentrytitle>
	7	<manvolnum>8</manvolnum>
	8	<refmiscinfo class="source">Samba</refmiscinfo>
	9	<refmiscinfo class="manual">System Administration tools</refmiscinfo>
	10	<refmiscinfo class="version">3.6</refmiscinfo>
	11	</refmeta>
	12
	13
	14	<refnamediv>
	15	<refname>eventlogadm</refname>
	16	<refpurpose>push records into the Samba event log store</refpurpose>
	17	</refnamediv>
	18
	19	<refsynopsisdiv>
	20	<cmdsynopsis>
	21
	22	<command>eventlogadm</command>
	23	<arg><option>-s</option></arg>
	24	<arg><option>-d</option></arg>
	25	<arg><option>-h</option></arg>
	26	<arg choice="plain"><option>-o</option>
	27	<literal>addsource</literal>
	28	<replaceable>EVENTLOG</replaceable>
	29	<replaceable>SOURCENAME</replaceable>
	30	<replaceable>MSGFILE</replaceable>
	31	</arg>
	32
	33	</cmdsynopsis>
	34	<cmdsynopsis>
	35	<command>eventlogadm</command>
	36	<arg><option>-s</option></arg>
	37	<arg><option>-d</option></arg>
	38	<arg><option>-h</option></arg>
	39	<arg choice="plain"><option>-o</option>
	40	<literal>write</literal>
	41	<replaceable>EVENTLOG</replaceable>
	42	</arg>
	43
	44	</cmdsynopsis>
	45	<cmdsynopsis>
	46	<command>eventlogadm</command>
	47	<arg><option>-s</option></arg>
	48	<arg><option>-d</option></arg>
	49	<arg><option>-h</option></arg>
	50	<arg choice="plain"><option>-o</option>
	51	<literal>dump</literal>
	52	<replaceable>EVENTLOG</replaceable>
	53	<replaceable>RECORD_NUMBER</replaceable>
	54	</arg>
	55
	56	</cmdsynopsis>
	57
	58	</refsynopsisdiv>
	59
	60	<refsect1>
	61	<title>DESCRIPTION</title>
	62
	63	<para>This tool is part of the <citerefentry><refentrytitle>samba</refentrytitle>
	64	<manvolnum>1</manvolnum></citerefentry> suite.</para>
	65
	66	<para><command>eventlogadm</command> is a filter that accepts
	67	formatted event log records on standard input and writes them
	68	to the Samba event log store. Windows client can then manipulate
	69	these record using the usual administration tools.</para>
	70
	71	</refsect1>
	72
	73
	74	<refsect1>
	75	<title>OPTIONS</title>
	76
	77	<variablelist>
	78	<varlistentry>
	79	<term>
	80	<option>-s</option>
	81	<replaceable>FILENAME</replaceable>
	82	</term>
	83	<listitem><para>
	84	The <command>-s</command> option causes <command>eventlogadm</command> to load the
	85	configuration file given as FILENAME instead of the default one used by Samba.
	86	</para></listitem>
	87	</varlistentry>
	88
	89	<varlistentry>
	90	<term><option>-d</option></term>
	91	<listitem><para>
	92	The <command>-d</command> option causes <command>eventlogadm</command> to emit debugging
	93	information.
	94	</para></listitem>
	95	</varlistentry>
	96
	97	<varlistentry>
	98	<term>
	99	<option>-o</option>
	100	<literal>addsource</literal>
	101	<replaceable>EVENTLOG</replaceable>
	102	<replaceable>SOURCENAME</replaceable>
	103	<replaceable>MSGFILE</replaceable>
	104	</term>
	105	<listitem><para>
	106	The <command>-o addsource</command> option creates a
	107	new event log source.
	108	</para> </listitem>
	109	</varlistentry>
	110
	111	<varlistentry>
	112	<term>
	113	<option>-o</option>
	114	<literal>write</literal>
	115	<replaceable>EVENTLOG</replaceable>
	116	</term>
	117	<listitem><para>
	118	The <command>-o write</command> reads event log
	119	records from standard input and writes them to the Samba
	120	event log store named by EVENTLOG.
	121	</para> </listitem>
	122	</varlistentry>
	123
	124	<varlistentry>
	125	<term>
	126	<option>-o</option>
	127	<literal>dump</literal>
	128	<replaceable>EVENTLOG</replaceable>
	129	<replaceable>RECORD_NUMBER</replaceable>
	130	</term>
	131	<listitem><para>
	132	The <command>-o dump</command> reads event log
	133	records from a EVENTLOG tdb and dumps them to standard
	134	output on screen.
	135	</para> </listitem>
	136	</varlistentry>
	137
	138	<varlistentry>
	139	<term><option>-h</option></term>
	140	<listitem><para>
	141	Print usage information.
	142	</para></listitem>
	143	</varlistentry>
	144
	145	</variablelist>
	146	</refsect1>
	147
	148
	149	<refsect1>
	150	<title>EVENTLOG RECORD FORMAT</title>
	151
	152	<para>For the write operation, <command>eventlogadm</command>
	153	expects to be able to read structured records from standard
	154	input. These records are a sequence of lines, with the record key
	155	and data separated by a colon character. Records are separated
	156	by at least one or more blank line.</para>
	157
	158	<para>The event log record field are:</para>
	159	<itemizedlist>
	160
	161	<listitem><para>
	162	<command>LEN</command> - This field should be 0, since <command>eventlogadm</command> will calculate this value.
	163	</para></listitem>
	164
	165	<listitem><para>
	166	<command>RS1</command> - This must be the value 1699505740.
	167	</para></listitem>
	168
	169	<listitem><para>
	170	<command>RCN</command> - This field should be 0.
	171	</para></listitem>
	172
	173	<listitem><para>
	174	<command>TMG</command> - The time the eventlog record
	175	was generated; format is the number of seconds since
	176	00:00:00 January 1, 1970, UTC.
	177	</para></listitem>
	178
	179	<listitem><para>
	180	<command>TMW</command> - The time the eventlog record was
	181	written; format is the number of seconds since 00:00:00
	182	January 1, 1970, UTC.
	183	</para></listitem>
	184
	185	<listitem><para>
	186	<command>EID</command> - The eventlog ID.
	187	</para></listitem>
	188
	189	<listitem><para>
	190	<command>ETP</command> - The event type -- one of
	191	"INFO",
	192	"ERROR", "WARNING", "AUDIT
	193	SUCCESS" or "AUDIT FAILURE".
	194	</para></listitem>
	195
	196	<listitem><para>
	197	<command>ECT</command> - The event category; this depends
	198	on the message file. It is primarily used as a means of
	199	filtering in the eventlog viewer.
	200	</para></listitem>
	201
	202	<listitem><para>
	203	<command>RS2</command> - This field should be 0.
	204	</para></listitem>
	205
	206	<listitem><para>
	207	<command>CRN</command> - This field should be 0.
	208	</para></listitem>
	209
	210	<listitem><para>
	211	<command>USL</command> - This field should be 0.
	212	</para></listitem>
	213
	214	<listitem><para>
	215	<command>SRC</command> - This field contains the source
	216	name associated with the event log. If a message file is
	217	used with an event log, there will be a registry entry
	218	for associating this source name with a message file DLL.
	219	</para></listitem>
	220
	221	<listitem><para>
	222	<command>SRN</command> - The name of the machine on
	223	which the eventlog was generated. This is typically the
	224	host name.
	225	</para></listitem>
	226
	227	<listitem><para>
	228	<command>STR</command> - The text associated with the
	229	eventlog. There may be more than one string in a record.
	230	</para></listitem>
	231
	232	<listitem><para>
	233	<command>DAT</command> - This field should be left unset.
	234	</para></listitem>
	235
	236	</itemizedlist>
	237
	238	</refsect1>
	239
	240	<refsect1>
	241	<title>EXAMPLES</title>
	242	<para>An example of the record format accepted by <command>eventlogadm</command>:</para>
	243
	244	<programlisting>
	245	LEN: 0
	246	RS1: 1699505740
	247	RCN: 0
	248	TMG: 1128631322
	249	TMW: 1128631322
	250	EID: 1000
	251	ETP: INFO
	252	ECT: 0
	253	RS2: 0
	254	CRN: 0
	255	USL: 0
	256	SRC: cron
	257	SRN: dmlinux
	258	STR: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly)
	259	DAT:
	260	</programlisting>
	261
	262	<para>Set up an eventlog source, specifying a message file DLL:</para>
	263	<programlisting>
	264	eventlogadm -o addsource Application MyApplication \| \\
	265	%SystemRoot%/system32/MyApplication.dll
	266	</programlisting>
	267
	268	<para>Filter messages from the system log into an event log:</para>
	269	<programlisting>
	270	tail -f /var/log/messages \| \\
	271	my_program_to_parse_into_eventlog_records \| \\
	272	eventlogadm SystemLogEvents
	273	</programlisting>
	274
	275	</refsect1>
	276
	277	<refsect1>
	278	<title>VERSION</title>
	279	<para>This man page is correct for version 3.0.25 of the Samba suite.</para>
	280	</refsect1>
	281
	282	<refsect1>
	283	<title>AUTHOR</title>
	284
	285	<para> The original Samba software and related utilities were
	286	created by Andrew Tridgell. Samba is now developed by the
	287	Samba Team as an Open Source project similar to the way the
	288	Linux kernel is developed.</para>
	289	</refsect1>
	290
	291	</refentry>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/server/docs-xml/manpages-3/eventlogadm.8.xml

Download in other formats: