When you click View Log from the View System Logs screen, the results you see vary depending on which of the following logs you chose to view:
Results for the logmanager debug trace log use the following format:
yyyymmdd:hhmmss[milliseconds]:sequence number:process name (process ID):priority:message
For example:
20020628:162547538:100:LIC(13648):HIGH:[...license server initializing...]
where:
20020628 is the date.
162547538 is the time (16 hours, 25 minutes, 47 seconds, 538 milliseconds).
100 is the sequence number.
LIC(13648) is the process name, followed by the process ID in parentheses.
HIGH is the priority.
...license server initializing... is the message, truncated to save space in the log.
Results for the operating system boot messages log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence number:message type:priority:[machine name] [process name]:message
For example:
20021028:184554.000:1:lxboot:MED:chenpc rc:Stopping keytable succeeded
where:
20021028 is the date.
184554.000 is the time (18 hours, 45 minutes, 54 seconds, 000 milliseconds).
1 is the sequence number.
lxboot is the message type.
MED is the priority.
chenpc rc is the machine name, followed by the process name (rc).
Stopping keytable succeeded is the message.
Results for the Linux scheduled task log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence number:message type:priority:message
For example:
20021028:040500.000:1:lxcron:MED:root 1209) CMD (/opt/ecs/sbin/filesync -st all)
where:
20021028 is the date.
040500.000 is the time (04 hours, 05 minutes, 00 seconds, 000 milliseconds).
1 is the sequence number.
lxcron is the message type.
MED is the priority.
root 1209) is the login that executed the scheduled task and the process ID.
CMD (/opt/ecs/sbin/filesync -st all) is the command that the scheduled task executed.
Results for the Linux system log (syslog) use the following format:
yyyymmdd:hhmmss.milliseconds:sequence number:message type:priority:[machine name] [process name]:message
For example:
20021104:112113.000:12:lxsys:MED:pcct2 ypbind[3196]: broadcast: RPC: Timed out.
where:
20021104 is the date.
112113.000 is the time (11 hours, 21 minutes, 13 seconds, 000 milliseconds).
12 is the sequence number.
lxsys is the message type.
MED is the priority.
pcct2 ypbind[3196] is the machine name (pcct2), followed by the process name (ypbind[3196]).
broadcast: RPC: Timed out is the message.
Results for the Linux access security log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence number:message type:priority:server name:application name[process ID]:description
For example:
20020102:115000.000:2066:lxsec:MED:myserver PAM_pwdb[29937]: (rsh) session opened for user xyz_login by (uid=25)
where:
20020102 is the date.
115000.000 is the time (11 hours, 50 minutes, 00 seconds, 000 milliseconds).
2066 is the sequence number.
lxsec is the message type.
MED is the priority of the message.
myserver is the server from which the log came.
PAM_pwdb[29937] is the application that logged the message, followed by its process ID (pwdb[29937]).
(rsh) session opened for user xyz_login by (uid=25) is the description of what the process did or executed.
Results for the Linux login/logout/reboot log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence number:message type:priority:message
For example:
20021101:170800.000:1:lxwtmp:MED:doejohn pts/1 dura-srv.mycompany.com - 17:08 (08:43)
where:
20021101 is the date.
170800.000 is the time (17 hours, 08 minutes, 00 seconds, 000 milliseconds).
1 is the sequence number.
lxwtmp is the message type.
MED is the priority.
doejohn is the user ID of the person who logged in.
pts/1 dura-srv.mycompany.com - is the port (pts/1) and machine or PC (dura-srv.mycompany.com) from which the user logged in.
17:08 (08:43) is the time the user logged in and the amount of time the user was logged into the system (08:43). If the user is still logged in, the log will show "still logged in."
Results for the Linux file transfer log use the following format:
yyyymmdd:sequence number:hhmmss.milliseconds:transfer time:remote host name:file size:file name:transfer type:special action taken:direction of transfer:login method:local user name:name of service invoked:user ID:transfer status
For example:
20020114:1:090716.000:74 rem.servername.com
8143046 /var/home/ftp/file 1
b _ o a [email protected] ftp 0 * c
where:
20020114 is the date the ftp transfer took place.
1 is the sequence number.
090716.000 is the time the FTP transfer took place (09 hours, 07 minutes, 16 seconds, 000 milliseconds).
74 is the total transfer time in seconds.
rem.servername.com is the remote host name.
8143046 is the size of the transferred file in bytes.
/var/home/ftp/file 1 is the name of the transferred file.
b is the type of transfer. The "b" refers to a binary transfer; an "a" refers to an ASCII transfer.
_ is the special action taken. In this case, the "_" indicates that no action was taken. Other values are:
C - the file was compressed.
U - the file was uncompressed.
T - the file was made into a "tar" file (tape archive, or a collection of files).
o is the direction of the transfer. The "o" means that the transfer was outgoing; an "i" means that the transfer was incoming.
a is the method by which the user logged in. In this case, the "a" means the user logged in using an anonymous login. Other values are:
g - the user logged in using a guest login.
r - the user logged in using a local authenticated login ID.
[email protected] is the local user name. If the user is logged in using an anonymous or guest login, this field contains the ID string given when the password was entered (typically an email address).
ftp is the name of the service being invoked.
0 is the method of authentication used. The "0" means that no authentication method was used; a "1" indicates that RFC931 authentication was used.
* is the user ID returned by the authentication method. The "*" indicates that an authenticated user ID is not available.
c is the status of the transfer. The "c" means the transfer was completed; an "i" means the transfer was incomplete.
Results for the watchdog logs use the following format:
yyyymmdd:hhmmss.milliseconds:sequence number:message type:priority:message
For example:
20020521:164138.928:5:WATCHD:HIGH:INFO: no hardware watchdog device:/dev/hwsan
where:
20020521 is the date.
164138.928 is the time (16 hours, 41 minutes, 38 seconds, 928 milliseconds).
5 is the sequence number.
WATCHD is the message type.
HIGH is the priority.
INFO: no hardware watchdog device:/dev/hwsan is the message.
Results for the Platform command history log use the following format:
month date time [server name] user: command issued
For example:
Jan 17 12:42:31 company-srv1 init: /opt/ecs/bin/resetipsi -d
where:
Jan 17 12:42:31 is the month, date, and time the command was issued.
company-srv1 is the name of the server where the command was issued.
init is the user who initiated the command.
/opt/ecs/bin/resetipsi -d is the command that was issued by the user.