SYSLOG-NG-DEBUN(1) | The syslog-ng-debun manual pag | SYSLOG-NG-DEBUN(1) |
NAME¶
syslog-ng-debun - syslog-ng DEBUg buNdle generatorSYNOPSIS¶
syslog-ng-debun [options]
DESCRIPTION¶
NOTE: The syslog-ng-debun application is distributed with the system logging application, and is usually part of the package. The latest version of the application is available at .This manual page is only an abstract, for the complete documentation of syslog-ng, see The syslog-ng Administrator Guide[1].
The syslog-ng-debun tool collects and saves information about your installation, making troubleshooting easier, especially if you ask help about your related problem.
GENERAL OPTIONS¶
-r-h
-l
-R <directory>
-W <directory>
DEBUG MODE OPTIONS¶
-dWarning! Using this option under high message load may increase disk I/O during the debug, and the resulting debug bundle can be huge. To exit debug mode, press Enter.
-D <options>
-t <seconds>
-w <seconds>
SYSTEM CALL TRACING¶
-sPACKET CAPTURE OPTIONS¶
Capturing packets requires a packet capture tool on the host. The syslog-ng-debun tool attempts to use tcpdump on most platforms, except for Solaris, where it uses snoop.-i <interface>
-p
-P <options>
-t <seconds>
EXAMPLES¶
syslog-ng-debun -r
Create a simple debug bundle, collecting information about your environment, for example, list packages containing the word: syslog, ldd of your syslog-binary, and so on.
syslog-ng-debun -r -l
Similar to syslog-ng-debun -r, but without privacy-sensitive information. For example, the following is NOT collected: fstab, df output, mount info, ip / network interface configuration, DNS resolv info, and process tree.
syslog-ng-debun -r -d
Similar to syslog-ng-debun -r, but it also stops syslog-ng, then restarts it in debug mode (-Fedv --enable-core). To stop debug mode, press Enter. The output of the debug mode collected into a separate file, and also added to the debug bundle.
syslog-ng-debun -r -s
Trace the system calls (using strace or truss) of an already running process.
syslog-ng-debun -r -d -s
Restart in debug mode, and also trace the system calls (using strace or truss) of the process.
syslog-ng-debun -r -p
Run packet capture (pcap) with the filter: port 514 or port 601 or port 53 Also waits for pressing Enter, like debug mode.
syslog-ng-debun -r -p -t 10
Noninteractive debug mode: Similar to syslog-ng-debun -r -p, but automatically exit after 10 seconds.
syslog-ng-debun -r -P "host 1.2.3.4" -D "-Fev --enable-core"
Change the packet-capturing filter from the default to host 1.2.3.4. Also change debugging parameters from the default to -Fev --enable-core. Since a timeout (-t) is not given, waits for pressing Enter.
syslog-ng-debun -r -p -d -w 5 -t 10
Collect pcap and debug mode output following this scenario:
FILES¶
/usr/bin/loggenSEE ALSO¶
syslog-ng.conf(5)Note
For the detailed documentation of see The 3.19 Administrator Guide[2]
If you experience any problems or need help with syslog-ng, visit the syslog-ng mailing list[3].
For news and notifications about of syslog-ng, visit the syslog-ng blogs[4].
AUTHOR¶
This manual page was written by the Balabit Documentation Team <documentation@balabit.com>.COPYRIGHT¶
NOTES¶
- 1.
- The syslog-ng Administrator Guide
- 2.
- The 3.19 Administrator Guide
- 3.
- syslog-ng mailing list
- 4.
- syslog-ng blogs
05/19/2019 | 3.19 |