diff options
| author | vorlon <vorlon@alioth.debian.org> | 2008-03-24 08:23:36 +0000 |
|---|---|---|
| committer | vorlon <vorlon@alioth.debian.org> | 2008-03-24 08:23:36 +0000 |
| commit | bba625b04e0d12c2c03a345554d98b8575f4f380 (patch) | |
| tree | 1333f979a7278d10b7c56c4f0b34fa6d3e75b2e1 /docs/htmldocs/manpages/eventlogadm.8.html | |
| parent | 74a2535fdc9252584a2ca4256431b28b20ed4f58 (diff) | |
| download | samba-bba625b04e0d12c2c03a345554d98b8575f4f380.tar.gz | |
Load samba-3.2.0pre2 into branches/samba/upstream-3.2.upstream/3.2.0_pre2
git-svn-id: svn://svn.debian.org/svn/pkg-samba/branches/samba/upstream-3.2@1780 fc4039ab-9d04-0410-8cac-899223bdd6b0
Diffstat (limited to 'docs/htmldocs/manpages/eventlogadm.8.html')
| -rw-r--r-- | docs/htmldocs/manpages/eventlogadm.8.html | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/docs/htmldocs/manpages/eventlogadm.8.html b/docs/htmldocs/manpages/eventlogadm.8.html new file mode 100644 index 0000000000..f9c6cf859b --- /dev/null +++ b/docs/htmldocs/manpages/eventlogadm.8.html @@ -0,0 +1,109 @@ +<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>eventlogadm</title><link rel="stylesheet" href="samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.72.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="eventlogadm.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>eventlogadm — push records into the Samba event log store</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="literal">eventlogadm</code> [<code class="option">-d</code>] [<code class="option">-h</code>] <code class="option">-o</code> + <code class="literal">addsource</code> + <em class="replaceable"><code>EVENTLOG</code></em> + <em class="replaceable"><code>SOURCENAME</code></em> + <em class="replaceable"><code>MSGFILE</code></em> + </p></div><div class="cmdsynopsis"><p><code class="literal">eventlogadm</code> [<code class="option">-d</code>] [<code class="option">-h</code>] <code class="option">-o</code> + <code class="literal">write</code> + <em class="replaceable"><code>EVENTLOG</code></em> + </p></div></div><div class="refsect1" lang="en"><a name="id299251"></a><h2>DESCRIPTION</h2><p>This tool is part of the <a href="samba.1.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(1)</span></a> suite.</p><p><code class="literal">eventlogadm</code> is a filter that accepts + formatted event log records on standard input and writes them + to the Samba event log store. Windows client can then manipulate + these record using the usual administration tools.</p></div><div class="refsect1" lang="en"><a name="id266714"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term"><code class="option">-d</code></span></dt><dd><p> + The <code class="literal">-d</code> option causes <code class="literal">eventlogadm</code> to emit debugging + information. + </p></dd><dt><span class="term"> + <code class="option">-o</code> + <code class="literal">addsource</code> + <em class="replaceable"><code>EVENTLOG</code></em> + <em class="replaceable"><code>SOURCENAME</code></em> + <em class="replaceable"><code>MSGFILE</code></em> + </span></dt><dd><p> + The <code class="literal">-o addsource</code> option creates a + new event log source. + </p></dd><dt><span class="term"> + <code class="option">-o</code> + <code class="literal">write</code> + <em class="replaceable"><code>EVENTLOG</code></em> + </span></dt><dd><p> + The <code class="literal">-o write</code> reads event log + records from standard input and writes them to theSamba + event log store named by EVENTLOG. + </p></dd><dt><span class="term"><code class="option">-h</code></span></dt><dd><p> + Print usage information. + </p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id266828"></a><h2>EVENTLOG RECORD FORMAT</h2><p>For the write operation, <code class="literal">eventlogadm</code> + expects to be able to read structured records from standard + input. These records are a sequence of lines, with the record key + and data separated by a colon character. Records are separated + by at least one or more blank line.</p><p>The event log record field are:</p><div class="itemizedlist"><ul type="disc"><li><p> + <code class="literal">LEN</code> - This field should be 0, since <code class="literal">eventlogadm</code> will calculate this value. + </p></li><li><p> + <code class="literal">RS1</code> - This must be the value 1699505740. + </p></li><li><p> + <code class="literal">RCN</code> - This field should be 0. + </p></li><li><p> + <code class="literal">TMG</code> - The time the eventlog record + was generated; format is the number of seconds since + 00:00:00 January 1, 1970, UTC. + </p></li><li><p> + <code class="literal">TMW</code> - The time the eventlog record was + written; format is the number of seconds since 00:00:00 + January 1, 1970, UTC. + </p></li><li><p> + <code class="literal">EID</code> - The eventlog ID. + </p></li><li><p> + <code class="literal">ETP</code> - The event type -- one of + "INFO", + "ERROR", "WARNING", "AUDIT + SUCCESS" or "AUDIT FAILURE". + </p></li><li><p> + <code class="literal">ECT</code> - The event category; this depends + on the message file. It is primarily used as a means of + filtering in the eventlog viewer. + </p></li><li><p> + <code class="literal">RS2</code> - This field should be 0. + </p></li><li><p> + <code class="literal">CRN</code> - This field should be 0. + </p></li><li><p> + <code class="literal">USL</code> - This field should be 0. + </p></li><li><p> + <code class="literal">SRC</code> - This field contains the source + name associated with the event log. If a message file is + used with an event log, there will be a registry entry + for associating this source name with a message file DLL. + </p></li><li><p> + <code class="literal">SRN</code> - he name of the machine on + which the eventlog was generated. This is typically the + host name. + </p></li><li><p> + <code class="literal">STR</code> - The text associated with the + eventlog. There may be more than one string in a record. + </p></li><li><p> + <code class="literal">DAT</code> - This field should be left unset. + </p></li></ul></div></div><div class="refsect1" lang="en"><a name="id307897"></a><h2>EXAMPLES</h2><p>An example of the record format accepted by <code class="literal">eventlogadm</code>:</p><pre class="programlisting"> + LEN: 0 + RS1: 1699505740 + RCN: 0 + TMG: 1128631322 + TMW: 1128631322 + EID: 1000 + ETP: INFO + ECT: 0 + RS2: 0 + CRN: 0 + USL: 0 + SRC: cron + SRN: dmlinux + STR: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.hourly) + DAT: + </pre><p>Set up an eventlog source, specifying a message file DLL:</p><pre class="programlisting"> + eventlogadm -o addsource Application MyApplication | \\ + %SystemRoot%/system32/MyApplication.dll + </pre><p>Filter messages from the system log into an event log:</p><pre class="programlisting"> + tail -f /var/log/messages | \\ + my_program_to_parse_into_eventlog_records | \\ + eventlogadm SystemLogEvents + </pre></div><div class="refsect1" lang="en"><a name="id307938"></a><h2>VERSION</h2><p>This man page is correct for version 3.0.25 of the Samba suite.</p></div><div class="refsect1" lang="en"><a name="id307948"></a><h2>AUTHOR</h2><p> The original Samba software and related utilities were + created by Andrew Tridgell. Samba is now developed by the + Samba Team as an Open Source project similar to the way the + Linux kernel is developed.</p></div></div></body></html> |