View System Log results
When you click View Log from the View System
Logs screen, the results you see vary depending on which of the following
logs you chose to view:
Logmanager
debug trace log
Operating system boot messages log
Linux
scheduled task log (CRON)
Linux
system log (syslog)
Linux
access security log
Linux
login/logout/reboot log
Linux
file transfer log
Watchdog
logs
Platform command history log
Logmanager debug trace log
Results for the logmanager debug trace log use the following format:
yyyymmdd:hhmmss[milliseconds]:sequence
number:process name (process ID):priority:message
For example:
20020628:162547538:100:LIC(13648):HIGH:[...license
server initializing...]
where:
20020628 is the date.
162547538 is the time (16 hours, 25
minutes, 47 seconds, 538 milliseconds).
100 is the sequence number.
LIC(13648) is the process name, followed
by the process ID in parentheses.
HIGH is the priority.
...license server initializing... is
the message, truncated to save space in the log.
Operating system boot
messages log
Results for the operating system boot messages log use the following
format:
yyyymmdd:hhmmss.milliseconds:sequence
number:message type:priority:[machine name] [process name]:message
For example:
20021028:184554.000:1:lxboot:MED:chenpcrc:Stopping
keytable succeeded
where:
- 20021028
is the date.
- 184554.000
is the time (18 hours, 45 minutes, 54 seconds, 000 milliseconds).
- 1 is the
sequence number.
- lxboot
is the message type.
- MED
is the priority.
- chenpcrc is
the machine name, followed by the process name (rc).
- Stopping keytable
succeeded is the message.
Linux scheduled task log (CRON)
Results for the Linux scheduled task log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence
number:message type:priority:message
For example:
20021028:040500.000:1:lxcron:MED:root
1209) CMD (/opt/ecs/sbin/filesync
-st all)
where:
- 20021028
is the date.
- 040500.000
is the time (04 hours, 05 minutes, 00 seconds, 000 milliseconds).
- 1 is the
sequence number.
- lxcron
is the message type.
- MED
is the priority.
- root 1209) is
the login that executed the scheduled task and the process ID.
- CMD
(/opt/ecs/sbin/filesync
-st all)
is the command that the scheduled task executed.
Linux syslog
Results for the Linux system log (syslog) use the following format:
yyyymmdd:hhmmss.milliseconds:sequence
number:message type:priority:[machine name] [process name]:message
For example:
20021104:112113.000:12:lxsys:MED:pcct2
ypbind[3196]: broadcast:
RPC: Timed
out.
where:
- 20021104
is the date.
- 112113.000
is the time (11 hours, 21 minutes, 13 seconds, 000 milliseconds).
- 12 is the
sequence number.
- lxsys
is the message type.
- MED
is the priority.
- pcct2 ypbind[3196]
is the machine name (pcct2), followed by the process name (ypbind[3196]).
- broadcast: RPC:
Timed out is the message.
Linux access security log
Results for the Linux access security log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence
number:message type:priority:server name:application name[process
ID]:description
For example:
20020102:115000.000:2066:lxsec:MED:myserver
PAM_pwdb[29937]: (rsh)
session opened for user xyz_login
by (uid=25)
where:
- 20020102
is the date.
- 115000.000
is the time (11 hours, 50 minutes, 00 seconds, 000 milliseconds).
- 2066 is the
sequence number.
- lxsec
is the message type.
- MED
is the priority of the message.
- myserver
is the server from which the log came.
- PAM_pwdb[29937]
is the application that logged the message, followed by its process ID
(pwdb[29937]).
- (rsh)
session opened for user xyz_login
by (uid=25) is the description of what the process did or executed.
Linux login/logout/reboot log
Results for the Linux login/logout/reboot log use the following format:
yyyymmdd:hhmmss.milliseconds:sequence
number:message type:priority:message
For example:
20021101:170800.000:1:lxwtmp:MED:doejohnpts/1 dura-srv.mycompany.com
- 17:08 (08:43)
where:
- 20021101
is the date.
- 170800.000
is the time (17 hours, 08 minutes, 00 seconds, 000 milliseconds).
- 1 is the
sequence number.
- lxwtmp
is the message type.
- MEDis the priority.
- doejohn is the user ID of the person who logged
in.
- pts/1
dura-srv.mycompany.com
- is
the port (pts/1)
and machine or PC (dura-srv.mycompany.com)
from which the user logged in.
- 17:08 (08:43)
is the time the user logged in and the amount of time the user was logged
into the system (08:43). If the user is still logged in, the log will
show "still logged in."
Linux file transfer log
Results for the Linux file transfer log use the following format:
yyyymmdd:sequence
number:hhmmss.milliseconds:transfer
time:remote host name:file size:file name:transfer type:special action
taken:direction of transfer:login method:local user name:name of service
invoked:user ID:transfer status
For example:
20020114:1:090716.000:74 rem.servername.com
8143046 /var/home/ftp/file 1
b _ o a [email protected]
ftp 0 * c
where:
- 20020114
is the date the ftp transfer took place.
- 1 is the
sequence number.
- 090716.000
is the time the FTP transfer took place (09 hours, 07 minutes, 16 seconds,
000 milliseconds).
- 74 is the
total transfer time in seconds.
- rem.servername.com
is the remote host name.
- 8143046 is
the size of the transferred file in bytes.
- /var/home/ftp/file
1 is the name of the transferred file.
- b is the
type of transfer. The "b" refers to a binary transfer; an "a"
refers to an ASCII transfer.
- _ is the
special action taken. In this case, the "_" indicates that no
action was taken. Other values are:
- C
- the file was compressed.
- U - the file
was uncompressed.
- T
- the file was made into a "tar" file (tape archive, or a collection
of files).
- o is the
direction of the transfer. The "o" means that the transfer was
outgoing; an "i" means that the transfer was incoming.
- a is the
method by which the user logged in. In this case, the "a" means
the user logged in using an anonymous login. Other values are:
- g
- the user logged in using a guest login.
- r
- the user logged in using a local authenticated login ID.
- [email protected]
is the local user name. If the user is logged in using an anonymous or
guest login, this field contains the ID string given when the password
was entered (typically an email address).
- ftp is the
name of the service being invoked.
- 0 is the
method of authentication used. The "0" means that no authentication
method was used; a "1" indicates that RFC931 authentication
was used.
- * is the
user ID returned by the authentication method. The "*" indicates
that an authenticated user ID is not available.
- c
is the status of the transfer. The "c"
means the transfer was completed; an "i" means the transfer
was incomplete.
Watchdog logs
Results for the watchdog logs use the following format:
yyyymmdd:hhmmss.milliseconds:sequence
number:message type:priority:message
For example:
20020521:164138.928:5:WATCHD:HIGH:INFO:
no hardware watchdog device:/dev/hwsan
where:
- 20020521
is the date.
- 164138.928
is the time (16 hours, 41 minutes, 38 seconds, 928 milliseconds).
- 5 is the
sequence number.
- WATCHD
is the message type.
- HIGH is the
priority.
- INFO: no hardware
watchdog device:/dev/hwsan
is the message.
Platform command history log
Results for the Platform command history log use the following format:
month date
time [server
name] user:
command issued
For example:
Jan 17 12:42:31 company-srv1 init:
/opt/ecs/bin/resetipsi
-d
where:
- Jan 17 12:42:31
is the month, date, and time the command was issued.
- company-srv1
is the name of the server where the command was issued.
- init
is the user who initiated the command.
- /opt/ecs/bin/resetipsi
-d is
the command that was issued by the user.