Context Navigation

source: branches/samba-3.3.x/docs/htmldocs/manpages/eventlogadm.8.html@ 1075

Visit:

Last change on this file since 1075 was 411, checked in by Herwig Bauernfeind, 16 years ago
Update Samba 3.3.x to 3.3.11
File size: 6.6 KB

Rev	Line
[411]	1	<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>eventlogadm</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="eventlogadm.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eventlogadm — push records into the Samba event log store</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="literal">eventlogadm</code> [<code class="option">-d</code>] [<code class="option">-h</code>] <code class="option">-o</code>
[221]	2	<code class="literal">addsource</code>
	3	<em class="replaceable"><code>EVENTLOG</code></em>
	4	<em class="replaceable"><code>SOURCENAME</code></em>
	5	<em class="replaceable"><code>MSGFILE</code></em>
	6	</p></div><div class="cmdsynopsis"><p><code class="literal">eventlogadm</code> [<code class="option">-d</code>] [<code class="option">-h</code>] <code class="option">-o</code>
	7	<code class="literal">write</code>
	8	<em class="replaceable"><code>EVENTLOG</code></em>
[411]	9	</p></div></div><div class="refsect1" lang="en"><a name="id2483376"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a class="citerefentry" href="samba.1.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(1)</span></a> suite.</p><p><code class="literal">eventlogadm</code> is a filter that accepts
[221]	10	formatted event log records on standard input and writes them
	11	to the Samba event log store. Windows client can then manipulate
[411]	12	these record using the usual administration tools.</p></div><div class="refsect1" lang="en"><a name="id2483530"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term"><code class="option">-d</code></span></dt><dd><p>
[221]	13	The <code class="literal">-d</code> option causes <code class="literal">eventlogadm</code> to emit debugging
	14	information.
	15	</p></dd><dt><span class="term">
	16	<code class="option">-o</code>
	17	<code class="literal">addsource</code>
	18	<em class="replaceable"><code>EVENTLOG</code></em>
	19	<em class="replaceable"><code>SOURCENAME</code></em>
	20	<em class="replaceable"><code>MSGFILE</code></em>
	21	</span></dt><dd><p>
	22	The <code class="literal">-o addsource</code> option creates a
	23	new event log source.
	24	</p></dd><dt><span class="term">
	25	<code class="option">-o</code>
	26	<code class="literal">write</code>
	27	<em class="replaceable"><code>EVENTLOG</code></em>
	28	</span></dt><dd><p>
	29	The <code class="literal">-o write</code> reads event log
	30	records from standard input and writes them to the Samba
	31	event log store named by EVENTLOG.
	32	</p></dd><dt><span class="term"><code class="option">-h</code></span></dt><dd><p>
	33	Print usage information.
[411]	34	</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2483646"></a><h2>EVENTLOG RECORD FORMAT</h2><p>For the write operation, <code class="literal">eventlogadm</code>
[221]	35	expects to be able to read structured records from standard
	36	input. These records are a sequence of lines, with the record key
	37	and data separated by a colon character. Records are separated
[411]	38	by at least one or more blank line.</p><p>The event log record field are:</p><div class="itemizedlist"><ul type="disc"><li><p>
[221]	39	<code class="literal">LEN</code> - This field should be 0, since <code class="literal">eventlogadm</code> will calculate this value.
[411]	40	</p></li><li><p>
[221]	41	<code class="literal">RS1</code> - This must be the value 1699505740.
[411]	42	</p></li><li><p>
[221]	43	<code class="literal">RCN</code> - This field should be 0.
[411]	44	</p></li><li><p>
[221]	45	<code class="literal">TMG</code> - The time the eventlog record
	46	was generated; format is the number of seconds since
	47	00:00:00 January 1, 1970, UTC.
[411]	48	</p></li><li><p>
[221]	49	<code class="literal">TMW</code> - The time the eventlog record was
	50	written; format is the number of seconds since 00:00:00
	51	January 1, 1970, UTC.
[411]	52	</p></li><li><p>
[221]	53	<code class="literal">EID</code> - The eventlog ID.
[411]	54	</p></li><li><p>
[221]	55	<code class="literal">ETP</code> - The event type -- one of
	56	"INFO",
	57	"ERROR", "WARNING", "AUDIT
	58	SUCCESS" or "AUDIT FAILURE".
[411]	59	</p></li><li><p>
[221]	60	<code class="literal">ECT</code> - The event category; this depends
	61	on the message file. It is primarily used as a means of
	62	filtering in the eventlog viewer.
[411]	63	</p></li><li><p>
[221]	64	<code class="literal">RS2</code> - This field should be 0.
[411]	65	</p></li><li><p>
[221]	66	<code class="literal">CRN</code> - This field should be 0.
[411]	67	</p></li><li><p>
[221]	68	<code class="literal">USL</code> - This field should be 0.
[411]	69	</p></li><li><p>
[221]	70	<code class="literal">SRC</code> - This field contains the source
	71	name associated with the event log. If a message file is
	72	used with an event log, there will be a registry entry
	73	for associating this source name with a message file DLL.
[411]	74	</p></li><li><p>
[221]	75	<code class="literal">SRN</code> - The name of the machine on
	76	which the eventlog was generated. This is typically the
	77	host name.
[411]	78	</p></li><li><p>
[221]	79	<code class="literal">STR</code> - The text associated with the
	80	eventlog. There may be more than one string in a record.
[411]	81	</p></li><li><p>
[221]	82	<code class="literal">DAT</code> - This field should be left unset.
[411]	83	</p></li></ul></div></div><div class="refsect1" lang="en"><a name="id2481512"></a><h2>EXAMPLES</h2><p>An example of the record format accepted by <code class="literal">eventlogadm</code>:</p><pre class="programlisting">
[221]	84	LEN: 0
	85	RS1: 1699505740
	86	RCN: 0
	87	TMG: 1128631322
	88	TMW: 1128631322
	89	EID: 1000
	90	ETP: INFO
	91	ECT: 0
	92	RS2: 0
	93	CRN: 0
	94	USL: 0
	95	SRC: cron
	96	SRN: dmlinux
	97	STR: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly)
	98	DAT:
	99	</pre><p>Set up an eventlog source, specifying a message file DLL:</p><pre class="programlisting">
	100	eventlogadm -o addsource Application MyApplication \| \\
	101	%SystemRoot%/system32/MyApplication.dll
	102	</pre><p>Filter messages from the system log into an event log:</p><pre class="programlisting">
	103	tail -f /var/log/messages \| \\
	104	my_program_to_parse_into_eventlog_records \| \\
	105	eventlogadm SystemLogEvents
[411]	106	</pre></div><div class="refsect1" lang="en"><a name="id2481562"></a><h2>VERSION</h2><p>This man page is correct for version 3.0.25 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id2481573"></a><h2>AUTHOR</h2><p> The original Samba software and related utilities were
[221]	107	created by Andrew Tridgell. Samba is now developed by the
	108	Samba Team as an Open Source project similar to the way the
	109	Linux kernel is developed.</p></div></div></body></html>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: