Changeset 231 for branches/samba-3.2.x/docs/manpages/eventlogadm.8

Timestamp:

May 27, 2009, 9:08:03 AM (16 years ago)

Author:

Herwig Bauernfeind

Message:

Update 3.2 branch to 3.2.8 docs

File:

• branches/samba-3.2.x/docs/manpages/eventlogadm.8 (modified) (4 diffs)

branches/samba-3.2.x/docs/manpages/eventlogadm.8

@@ -1 +1 @@
 .\"     Title: eventlogadm
-.\"    Author: 
-.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/>
-.\"      Date: 12/19/2008
+.\"    Author: [see the "AUTHOR" section]
+.\" Generator: DocBook XSL Stylesheets v1.74.0 <http://docbook.sf.net/>
+.\"      Date: 02/03/2009
 .\"    Manual: System Administration tools
 .\"    Source: Samba 3.2
+.\"  Language: English
 .\"
-.TH "EVENTLOGADM" "8" "12/19/2008" "Samba 3\.2" "System Administration tools"
+.TH "EVENTLOGADM" "8" "02/03/2009" "Samba 3\&.2" "System Administration tools"
+.\" -----------------------------------------------------------------
+.\" * (re)Define some macros
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" toupper - uppercase a string (locale-aware)
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de toupper
+.tr aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ
+\\$*
+.tr aabbccddeeffgghhiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" SH-xref - format a cross-reference to an SH section
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de SH-xref
+.ie n \{\
+.\}
+.toupper \\$*
+.el \{\
+\\$*
+.\}
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" SH - level-one heading that works better for non-TTY output
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de1 SH
+.\" put an extra blank line of space above the head in non-TTY output
+.if t \{\
+.sp 1
+.\}
+.sp \\n[PD]u
+.nr an-level 1
+.set-an-margin
+.nr an-prevailing-indent \\n[IN]
+.fi
+.in \\n[an-margin]u
+.ti 0
+.HTML-TAG ".NH \\n[an-level]"
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+\." make the size of the head bigger
+.ps +3
+.ft B
+.ne (2v + 1u)
+.ie n \{\
+.\" if n (TTY output), use uppercase
+.toupper \\$*
+.\}
+.el \{\
+.nr an-break-flag 0
+.\" if not n (not TTY), use normal case (not uppercase)
+\\$1
+.in \\n[an-margin]u
+.ti 0
+.\" if not n (not TTY), put a border/line under subheading
+.sp -.6
+\l'\n(.lu'
+.\}
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" SS - level-two heading that works better for non-TTY output
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de1 SS
+.sp \\n[PD]u
+.nr an-level 1
+.set-an-margin
+.nr an-prevailing-indent \\n[IN]
+.fi
+.in \\n[IN]u
+.ti \\n[SN]u
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.ps \\n[PS-SS]u
+\." make the size of the head bigger
+.ps +2
+.ft B
+.ne (2v + 1u)
+.if \\n[.$] \&\\$*
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" BB/BE - put background/screen (filled box) around block of text
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de BB
+.if t \{\
+.sp -.5
+.br
+.in +2n
+.ll -2n
+.gcolor red
+.di BX
+.\}
+..
+.de EB
+.if t \{\
+.if "\\$2"adjust-for-leading-newline" \{\
+.sp -1
+.\}
+.br
+.di
+.in
+.ll
+.gcolor
+.nr BW \\n(.lu-\\n(.i
+.nr BH \\n(dn+.5v
+.ne \\n(BHu+.5v
+.ie "\\$2"adjust-for-leading-newline" \{\
+\M[\\$1]\h'1n'\v'+.5v'\D'P \\n(BWu 0 0 \\n(BHu -\\n(BWu 0 0 -\\n(BHu'\M[]
+.\}
+.el \{\
+\M[\\$1]\h'1n'\v'-.5v'\D'P \\n(BWu 0 0 \\n(BHu -\\n(BWu 0 0 -\\n(BHu'\M[]
+.\}
+.in 0
+.sp -.5v
+.nf
+.BX
+.in
+.sp .5v
+.fi
+.\}
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" BM/EM - put colored marker in margin next to block of text
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de BM
+.if t \{\
+.br
+.ll -2n
+.gcolor red
+.di BX
+.\}
+..
+.de EM
+.if t \{\
+.br
+.di
+.ll
+.gcolor
+.nr BH \\n(dn
+.ne \\n(BHu
+\M[\\$1]\D'P -.75n 0 0 \\n(BHu -(\\n[.i]u - \\n(INu - .75n) 0 0 -\\n(BHu'\M[]
+.in 0
+.nf
+.BX
+.in
+.fi
+.\}
+..
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
 .\" disable hyphenation
 .nh
 .\" disable justification (adjust text to left margin only)
 .ad l
-.SH "NAME"
-eventlogadm - push records into the Samba event log store
-.SH "SYNOPSIS"
-.HP 1
-eventlogadm [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ addsource\ \fIEVENTLOG\fR\ \fISOURCENAME\fR\ \fIMSGFILE\fR
-.HP 1
-eventlogadm [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ write\ \fIEVENTLOG\fR
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "Name"
+eventlogadm \- push records into the Samba event log store
+.SH "Synopsis"
+.fam C
+.HP \w'\ 'u
+\FCeventlogadm\F[] [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ \FCaddsource\F[]\ \fIEVENTLOG\fR\ \fISOURCENAME\fR\ \fIMSGFILE\fR
+.fam
+.fam C
+.HP \w'\ 'u
+\FCeventlogadm\F[] [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ \FCwrite\F[]\ \fIEVENTLOG\fR
+.fam
 .SH "DESCRIPTION"
 .PP
 This tool is part of the
 \fBsamba\fR(1)
-suite\.
-.PP
-eventlogadm
-is a filter that accepts formatted event log records on standard input and writes them to the Samba event log store\. Windows client can then manipulate these record using the usual administration tools\.
+suite\&.
+.PP
+\FCeventlogadm\F[]
+is a filter that accepts formatted event log records on standard input and writes them to the Samba event log store\&. Windows client can then manipulate these record using the usual administration tools\&.
 .SH "OPTIONS"
 .PP
@@ -31 +191 @@
 .RS 4
 The
-\-d
+\FC\-d\F[]
 option causes
-eventlogadm
-to emit debugging information\.
-.RE
-.PP
-\fB\-o\fR addsource \fIEVENTLOG\fR \fISOURCENAME\fR \fIMSGFILE\fR
+\FCeventlogadm\F[]
+to emit debugging information\&.
+.RE
+.PP
+\fB\-o\fR \FCaddsource\F[] \fIEVENTLOG\fR \fISOURCENAME\fR \fIMSGFILE\fR
 .RS 4
 The
-\-o addsource
-option creates a new event log source\.
-.RE
-.PP
-\fB\-o\fR write \fIEVENTLOG\fR
+\FC\-o addsource\F[]
+option creates a new event log source\&.
+.RE
+.PP
+\fB\-o\fR \FCwrite\F[] \fIEVENTLOG\fR
 .RS 4
 The
-\-o write
-reads event log records from standard input and writes them to theSamba event log store named by EVENTLOG\.
+\FC\-o write\F[]
+reads event log records from standard input and writes them to the Samba event log store named by EVENTLOG\&.
 .RE
 .PP
 \fB\-h\fR
 .RS 4
-Print usage information\.
+Print usage information\&.
 .RE
 .SH "EVENTLOG RECORD FORMAT"
 .PP
 For the write operation,
-eventlogadm
-expects to be able to read structured records from standard input\. These records are a sequence of lines, with the record key and data separated by a colon character\. Records are separated by at least one or more blank line\.
+\FCeventlogadm\F[]
+expects to be able to read structured records from standard input\&. These records are a sequence of lines, with the record key and data separated by a colon character\&. Records are separated by at least one or more blank line\&.
 .PP
 The event log record field are:
@@ -72 +232 @@
 .\}
 
-LEN
+\FCLEN\F[]
 \- This field should be 0, since
-eventlogadm
-will calculate this value\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-RS1
-\- This must be the value 1699505740\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-RCN
-\- This field should be 0\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-TMG
-\- The time the eventlog record was generated; format is the number of seconds since 00:00:00 January 1, 1970, UTC\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-TMW
-\- The time the eventlog record was written; format is the number of seconds since 00:00:00 January 1, 1970, UTC\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-EID
-\- The eventlog ID\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-ETP
-\- The event type \-\- one of "INFO", "ERROR", "WARNING", "AUDIT SUCCESS" or "AUDIT FAILURE"\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-ECT
-\- The event category; this depends on the message file\. It is primarily used as a means of filtering in the eventlog viewer\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-RS2
-\- This field should be 0\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-CRN
-\- This field should be 0\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-USL
-\- This field should be 0\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-SRC
-\- This field contains the source name associated with the event log\. If a message file is used with an event log, there will be a registry entry for associating this source name with a message file DLL\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-SRN
-\- he name of the machine on which the eventlog was generated\. This is typically the host name\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-STR
-\- The text associated with the eventlog\. There may be more than one string in a record\.
-.RE
-.sp
-.RS 4
-.ie n \{\
-\h'-04'\(bu\h'+03'\c
-.\}
-.el \{\
-.sp -1
-.IP \(bu 2.3
-.\}
-
-DAT
-\- This field should be left unset\.
+\FCeventlogadm\F[]
+will calculate this value\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCRS1\F[]
+\- This must be the value 1699505740\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCRCN\F[]
+\- This field should be 0\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCTMG\F[]
+\- The time the eventlog record was generated; format is the number of seconds since 00:00:00 January 1, 1970, UTC\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCTMW\F[]
+\- The time the eventlog record was written; format is the number of seconds since 00:00:00 January 1, 1970, UTC\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCEID\F[]
+\- The eventlog ID\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCETP\F[]
+\- The event type \-\- one of "INFO", "ERROR", "WARNING", "AUDIT SUCCESS" or "AUDIT FAILURE"\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCECT\F[]
+\- The event category; this depends on the message file\&. It is primarily used as a means of filtering in the eventlog viewer\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCRS2\F[]
+\- This field should be 0\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCCRN\F[]
+\- This field should be 0\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCUSL\F[]
+\- This field should be 0\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCSRC\F[]
+\- This field contains the source name associated with the event log\&. If a message file is used with an event log, there will be a registry entry for associating this source name with a message file DLL\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCSRN\F[]
+\- The name of the machine on which the eventlog was generated\&. This is typically the host name\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCSTR\F[]
+\- The text associated with the eventlog\&. There may be more than one string in a record\&.
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+
+\FCDAT\F[]
+\- This field should be left unset\&.
 .SH "EXAMPLES"
 .PP
 An example of the record format accepted by
-eventlogadm:
-.sp
-.RS 4
+\FCeventlogadm\F[]:
+.sp
+.if n \{\
+.RS 4
+.\}
+.fam C
+.ps -1
 .nf
+.if t \{\
+.sp -1
+.\}
+.BB lightgray adjust-for-leading-newline
+.sp -1
+
         LEN: 0
         RS1: 1699505740
@@ -278 +448 @@
         SRC: cron
         SRN: dmlinux
-        STR: (root) CMD ( rm \-f /var/spool/cron/lastrun/cron\.hourly)
+        STR: (root) CMD ( rm \-f /var/spool/cron/lastrun/cron\&.hourly)
         DAT:
         
-.fi
-.RE
+.EB lightgray adjust-for-leading-newline
+.if t \{\
+.sp 1
+.\}
+.fi
+.fam
+.ps +1
+.if n \{\
+.RE
+.\}
 .PP
 Set up an eventlog source, specifying a message file DLL:
 .sp
-.RS 4
+.if n \{\
+.RS 4
+.\}
+.fam C
+.ps -1
 .nf
+.if t \{\
+.sp -1
+.\}
+.BB lightgray adjust-for-leading-newline
+.sp -1
+
         eventlogadm \-o addsource Application MyApplication | \e\e
-                %SystemRoot%/system32/MyApplication\.dll
+                %SystemRoot%/system32/MyApplication\&.dll
         
-.fi
-.RE
+.EB lightgray adjust-for-leading-newline
+.if t \{\
+.sp 1
+.\}
+.fi
+.fam
+.ps +1
+.if n \{\
+.RE
+.\}
 .PP
 Filter messages from the system log into an event log:
 .sp
-.RS 4
+.if n \{\
+.RS 4
+.\}
+.fam C
+.ps -1
 .nf
+.if t \{\
+.sp -1
+.\}
+.BB lightgray adjust-for-leading-newline
+.sp -1
+
         tail \-f /var/log/messages | \e\e
                 my_program_to_parse_into_eventlog_records | \e\e
                 eventlogadm SystemLogEvents
         
-.fi
-.RE
+.EB lightgray adjust-for-leading-newline
+.if t \{\
+.sp 1
+.\}
+.fi
+.fam
+.ps +1
+.if n \{\
+.RE
+.\}
 .SH "VERSION"
 .PP
-This man page is correct for version 3\.0\.25 of the Samba suite\.
+This man page is correct for version 3\&.0\&.25 of the Samba suite\&.
 .SH "AUTHOR"
 .PP
-The original Samba software and related utilities were created by Andrew Tridgell\. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\.
+The original Samba software and related utilities were created by Andrew Tridgell\&. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed\&.