Changeset 429 for trunk/server/docs/manpages/eventlogadm.8

Timestamp:

Apr 9, 2010, 3:51:41 PM (15 years ago)

Author:

Silvan Scherrer

Message:

Samba 3.5.x: trunk update to 3.5.2

Location:

trunk/server

Files:

• . (modified) (1 prop)
• docs/manpages/eventlogadm.8 (modified) (23 diffs)

trunk/server/docs/manpages/eventlogadm.8

@@ -1 @@
-'\" t
 .\"     Title: eventlogadm
 .\"    Author: [see the "AUTHOR" section]
-.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
-.\"      Date: 02/19/2010
+.\" Generator: DocBook XSL Stylesheets v1.74.0 <http://docbook.sf.net/>
+.\"      Date: 03/30/2010
 .\"    Manual: System Administration tools
 .\"    Source: Samba 3.5
 .\"  Language: English
 .\"
-.TH "EVENTLOGADM" "8" "02/19/2010" "Samba 3\&.5" "System Administration tools"
+.TH "EVENTLOGADM" "8" "03/30/2010" "Samba 3\&.5" "System Administration tools"
+.\" -----------------------------------------------------------------
+.\" * (re)Define some macros
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" toupper - uppercase a string (locale-aware)
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de toupper
+.tr aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ
+\\$*
+.tr aabbccddeeffgghhiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" SH-xref - format a cross-reference to an SH section
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de SH-xref
+.ie n \{\
+.\}
+.toupper \\$*
+.el \{\
+\\$*
+.\}
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" SH - level-one heading that works better for non-TTY output
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de1 SH
+.\" put an extra blank line of space above the head in non-TTY output
+.if t \{\
+.sp 1
+.\}
+.sp \\n[PD]u
+.nr an-level 1
+.set-an-margin
+.nr an-prevailing-indent \\n[IN]
+.fi
+.in \\n[an-margin]u
+.ti 0
+.HTML-TAG ".NH \\n[an-level]"
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+\." make the size of the head bigger
+.ps +3
+.ft B
+.ne (2v + 1u)
+.ie n \{\
+.\" if n (TTY output), use uppercase
+.toupper \\$*
+.\}
+.el \{\
+.nr an-break-flag 0
+.\" if not n (not TTY), use normal case (not uppercase)
+\\$1
+.in \\n[an-margin]u
+.ti 0
+.\" if not n (not TTY), put a border/line under subheading
+.sp -.6
+\l'\n(.lu'
+.\}
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" SS - level-two heading that works better for non-TTY output
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de1 SS
+.sp \\n[PD]u
+.nr an-level 1
+.set-an-margin
+.nr an-prevailing-indent \\n[IN]
+.fi
+.in \\n[IN]u
+.ti \\n[SN]u
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.ps \\n[PS-SS]u
+\." make the size of the head bigger
+.ps +2
+.ft B
+.ne (2v + 1u)
+.if \\n[.$] \&\\$*
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" BB/BE - put background/screen (filled box) around block of text
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de BB
+.if t \{\
+.sp -.5
+.br
+.in +2n
+.ll -2n
+.gcolor red
+.di BX
+.\}
+..
+.de EB
+.if t \{\
+.if "\\$2"adjust-for-leading-newline" \{\
+.sp -1
+.\}
+.br
+.di
+.in
+.ll
+.gcolor
+.nr BW \\n(.lu-\\n(.i
+.nr BH \\n(dn+.5v
+.ne \\n(BHu+.5v
+.ie "\\$2"adjust-for-leading-newline" \{\
+\M[\\$1]\h'1n'\v'+.5v'\D'P \\n(BWu 0 0 \\n(BHu -\\n(BWu 0 0 -\\n(BHu'\M[]
+.\}
+.el \{\
+\M[\\$1]\h'1n'\v'-.5v'\D'P \\n(BWu 0 0 \\n(BHu -\\n(BWu 0 0 -\\n(BHu'\M[]
+.\}
+.in 0
+.sp -.5v
+.nf
+.BX
+.in
+.sp .5v
+.fi
+.\}
+..
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" BM/EM - put colored marker in margin next to block of text
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.de BM
+.if t \{\
+.br
+.ll -2n
+.gcolor red
+.di BX
+.\}
+..
+.de EM
+.if t \{\
+.br
+.di
+.ll
+.gcolor
+.nr BH \\n(dn
+.ne \\n(BHu
+\M[\\$1]\D'P -.75n 0 0 \\n(BHu -(\\n[.i]u - \\n(INu - .75n) 0 0 -\\n(BHu'\M[]
+.in 0
+.nf
+.BX
+.in
+.fi
+.\}
+..
 .\" -----------------------------------------------------------------
 .\" * set default formatting
@@ -19 +167 @@
 .\" * MAIN CONTENT STARTS HERE *
 .\" -----------------------------------------------------------------
-.SH "NAME"
+.SH "Name"
 eventlogadm \- push records into the Samba event log store
-.SH "SYNOPSIS"
+.SH "Synopsis"
+.fam C
 .HP \w'\ 'u
-eventlogadm [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ addsource\ \fIEVENTLOG\fR\ \fISOURCENAME\fR\ \fIMSGFILE\fR
+\FCeventlogadm\F[] [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ \FCaddsource\F[]\ \fIEVENTLOG\fR\ \fISOURCENAME\fR\ \fIMSGFILE\fR
+.fam
+.fam C
 .HP \w'\ 'u
-eventlogadm [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ write\ \fIEVENTLOG\fR
+\FCeventlogadm\F[] [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ \FCwrite\F[]\ \fIEVENTLOG\fR
+.fam
+.fam C
 .HP \w'\ 'u
-eventlogadm [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ dump\ \fIEVENTLOG\fR\ \fIRECORD_NUMBER\fR
+\FCeventlogadm\F[] [\fB\-d\fR] [\fB\-h\fR] \fB\-o\fR\ \FCdump\F[]\ \fIEVENTLOG\fR\ \fIRECORD_NUMBER\fR
+.fam
 .SH "DESCRIPTION"
 .PP
@@ -34 +188 @@
 suite\&.
 .PP
-eventlogadm
+\FCeventlogadm\F[]
 is a filter that accepts formatted event log records on standard input and writes them to the Samba event log store\&. Windows client can then manipulate these record using the usual administration tools\&.
 .SH "OPTIONS"
@@ -41 +195 @@
 .RS 4
 The
-\-d
+\FC\-d\F[]
 option causes
-eventlogadm
+\FCeventlogadm\F[]
 to emit debugging information\&.
 .RE
 .PP
-\fB\-o\fR addsource \fIEVENTLOG\fR \fISOURCENAME\fR \fIMSGFILE\fR
+\fB\-o\fR \FCaddsource\F[] \fIEVENTLOG\fR \fISOURCENAME\fR \fIMSGFILE\fR
 .RS 4
 The
-\-o addsource
+\FC\-o addsource\F[]
 option creates a new event log source\&.
 .RE
 .PP
-\fB\-o\fR write \fIEVENTLOG\fR
+\fB\-o\fR \FCwrite\F[] \fIEVENTLOG\fR
 .RS 4
 The
-\-o write
+\FC\-o write\F[]
 reads event log records from standard input and writes them to the Samba event log store named by EVENTLOG\&.
 .RE
 .PP
-\fB\-o\fR dump \fIEVENTLOG\fR \fIRECORD_NUMBER\fR
+\fB\-o\fR \FCdump\F[] \fIEVENTLOG\fR \fIRECORD_NUMBER\fR
 .RS 4
 The
-\-o dump
+\FC\-o dump\F[]
 reads event log records from a EVENTLOG tdb and dumps them to standard output on screen\&.
 .RE
@@ -75 +229 @@
 .PP
 For the write operation,
-eventlogadm
+\FCeventlogadm\F[]
 expects to be able to read structured records from standard input\&. These records are a sequence of lines, with the record key and data separated by a colon character\&. Records are separated by at least one or more blank line\&.
 .PP
@@ -89 +243 @@
 .\}
 
-LEN
+\FCLEN\F[]
 \- This field should be 0, since
-eventlogadm
+\FCeventlogadm\F[]
 will calculate this value\&.
 .RE
@@ -104 +258 @@
 .\}
 
-RS1
+\FCRS1\F[]
 \- This must be the value 1699505740\&.
 .RE
@@ -117 +271 @@
 .\}
 
-RCN
+\FCRCN\F[]
 \- This field should be 0\&.
 .RE
@@ -130 +284 @@
 .\}
 
-TMG
+\FCTMG\F[]
 \- The time the eventlog record was generated; format is the number of seconds since 00:00:00 January 1, 1970, UTC\&.
 .RE
@@ -143 +297 @@
 .\}
 
-TMW
+\FCTMW\F[]
 \- The time the eventlog record was written; format is the number of seconds since 00:00:00 January 1, 1970, UTC\&.
 .RE
@@ -156 +310 @@
 .\}
 
-EID
+\FCEID\F[]
 \- The eventlog ID\&.
 .RE
@@ -169 +323 @@
 .\}
 
-ETP
+\FCETP\F[]
 \- The event type \-\- one of "INFO", "ERROR", "WARNING", "AUDIT SUCCESS" or "AUDIT FAILURE"\&.
 .RE
@@ -182 +336 @@
 .\}
 
-ECT
+\FCECT\F[]
 \- The event category; this depends on the message file\&. It is primarily used as a means of filtering in the eventlog viewer\&.
 .RE
@@ -195 +349 @@
 .\}
 
-RS2
+\FCRS2\F[]
 \- This field should be 0\&.
 .RE
@@ -208 +362 @@
 .\}
 
-CRN
+\FCCRN\F[]
 \- This field should be 0\&.
 .RE
@@ -221 +375 @@
 .\}
 
-USL
+\FCUSL\F[]
 \- This field should be 0\&.
 .RE
@@ -234 +388 @@
 .\}
 
-SRC
+\FCSRC\F[]
 \- This field contains the source name associated with the event log\&. If a message file is used with an event log, there will be a registry entry for associating this source name with a message file DLL\&.
 .RE
@@ -247 +401 @@
 .\}
 
-SRN
+\FCSRN\F[]
 \- The name of the machine on which the eventlog was generated\&. This is typically the host name\&.
 .RE
@@ -260 +414 @@
 .\}
 
-STR
+\FCSTR\F[]
 \- The text associated with the eventlog\&. There may be more than one string in a record\&.
 .RE
@@ -273 +427 @@
 .\}
 
-DAT
+\FCDAT\F[]
 \- This field should be left unset\&.
 .SH "EXAMPLES"
 .PP
 An example of the record format accepted by
-eventlogadm:
+\FCeventlogadm\F[]:
 .sp
 .if n \{\
 .RS 4
 .\}
+.fam C
+.ps -1
 .nf
+.if t \{\
+.sp -1
+.\}
+.BB lightgray adjust-for-leading-newline
+.sp -1
+
         LEN: 0
         RS1: 1699505740
@@ -300 +462 @@
         DAT:
         
-.fi
+.EB lightgray adjust-for-leading-newline
+.if t \{\
+.sp 1
+.\}
+.fi
+.fam
+.ps +1
 .if n \{\
 .RE
@@ -310 +478 @@
 .RS 4
 .\}
+.fam C
+.ps -1
 .nf
+.if t \{\
+.sp -1
+.\}
+.BB lightgray adjust-for-leading-newline
+.sp -1
+
         eventlogadm \-o addsource Application MyApplication | \e\e
                 %SystemRoot%/system32/MyApplication\&.dll
         
-.fi
+.EB lightgray adjust-for-leading-newline
+.if t \{\
+.sp 1
+.\}
+.fi
+.fam
+.ps +1
 .if n \{\
 .RE
@@ -324 +506 @@
 .RS 4
 .\}
+.fam C
+.ps -1
 .nf
+.if t \{\
+.sp -1
+.\}
+.BB lightgray adjust-for-leading-newline
+.sp -1
+
         tail \-f /var/log/messages | \e\e
                 my_program_to_parse_into_eventlog_records | \e\e
                 eventlogadm SystemLogEvents
         
-.fi
+.EB lightgray adjust-for-leading-newline
+.if t \{\
+.sp 1
+.\}
+.fi
+.fam
+.ps +1
 .if n \{\
 .RE