.\"
.\" logtool.1
.\"
.\" Copyright (C) 2001 A.L.Lambert. All rights reserved.
.\"
.\" Process this file with
.\" groff -man -Tascii pgp.1
.\"
.TH logtool 1 LOCAL
.SH NAME
logtool - parse and filter syslog files
.SH SYNOPSIS
.B (stdout) | logtool -[args]
.P
Logtool is a command line program that will parse logfiles into a more
palatable format. It will take anything resembling a syslog or multilog file,
as well as unformatted ASCII, and crunch it into one of the following formats
for your viewing pleasure:
.TP
ANSI
(colorized for easy "at a glance" viewing)
.TP
ASCII
(e-mail reports/terminals without color)
.TP
CSV
(spreadsheet/database imports)
.TP
HTML
(for generating web pages)
.TP
RAW
(for no good reason)
.SH OPTIONS
.TP 5
-o [ ANSI | ASCII | CSV | HTML | RAW ]
Allows you to specify the output format to be one of the following:
ANSI (default), ASCII, CSV, HTML, RAW. Options are not case sensitive
(i.e., -o CSV and -o csv should yield the same results).
.TP
-t [ long | short ]
Allows you to specify the time display format to be one of the following:
(Long [default]) Mon Dy HH:MM:SS or (Short) HH:MM
.TP
-b
Causes logtool to beep on RED events (ANSI output only). This is useful
when you want to monitor a logfile on an ongoing basis, and wish to have your
terminal beep whenever something out of the ordinary happens.
.TP
-s
Causes logtool to not display the syslog "source" field.
.TP
-p
Causes logtool to not display the "program" field.
.TP
-c [/path/config.file]
Allows you to specify a config file other than the default
/etc/logtool/logtool.conf
.TP
-i [/path/includefile]
Allows you to specify an alternate file containing regexes for inclusion
[default=/etc/logtool/include]
.TP
-e [/path/excludefile]
Allows you to specify an alternate file containing regexes for exclusion
[default=/etc/logtool/exclude]
.TP
-n
Causes logtool to skip any attempts to resolve IP->Hostname by the various
modules (handy when your DNS is down temporarily).
.TP
-v
Set logtool to operate in verbose mode (does nothing currently).
.TP
-V
Causes logtool to print its version information and exit.
.TP
-h
Display the help message.
.SH SUGGESTED USAGE(S)
.TP
As a 'live' logfile monitoring tool:
tail -f /var/log/messages | logtool -o ANSI -b
.TP
To generate colorized webpages of logfiles:
cat /var/log/messages | logtool -o HTML > /home/httpd/html/logs/messages.html
.TP
To generate reports via a cronjob:
retail /var/log/messages | logtool -o ASCII | mail -s "Daily report" someuser@somedomain.ext
.SH CONFIG FILE
.P
/etc/logtool/logtool.conf
.P
The config file should be commented to the point of being self-documenting,
so we will not comment very extensively on it here. Suffice to say, this is
the place where you should configure 99% of your runtime options for logtool.
You may also have a collection of different default configurations, and select
amongst them by the '-c' option of logtool.
.SH AVAILABILITY
Logtool is known to compile/run on all UNIX flavors using a 2.95.x GNU C
Compiler, the GNU Make utility, and a proper ANSI C library (glibc is
recommended, but not required). Specific reports of success include FreeBSD,
OpenBSD, Solaris, SunOS, AIX, SCO, and of course, any known flavor of Linux
(including at least 2 embedded system variants).
.SH SEE ALSO
.P
regex(7) for help with constructing regular expressions for the
include/exclude/colors files. If you find no regex manual on your system, try
\&'apropos regex' and see what you get, or as a last ditch, 'man grep' should at
least point you in the right direction.
.P
You can also find a somewhat better bit of documentation in the textfile
\&'logtool.txt' (usually in the /usr/doc/, /usr/share/doc/ or similar tree on
most Linux distributions). If you don't know where to look, you can probably
find it by typing 'locate logtool.txt' at the command line.
.SH AUTHOR
A.L.Lambert