table of contents
| EXPLAIN_SYSLOG(8) | Diagnostic Tools | EXPLAIN_SYSLOG(8) |
NAME¶
explain_syslog - explain syslog messagesSYNOPSIS¶
explain_syslog [ -b begin_time ] [ -e end_time ][ -m message_file | -M ] [ -C catalog_dir ] [ -h ] [ -d ]
DESCRIPTION¶
The explain_syslog command reads the specified message file (defaults to stdin), which should be in the format produced by the syslogd daemon. For each line that matches a message documented in the message catalog, explain_syslog prints an explanation, including probable cause and recommended action.OPTIONS¶
- -b begin_time
- Ignore messages with timestamps prior to begin_time. See "Timestamps."
- -C catalog_dir
- Use the message catalog in catalog_dir. The default is /etc/ppc64-diag/message_catalog.
- -d
- Print debugging output on stderr.
- -e end_time
- Ignore messages with timestamps after end_time. See "Timestamps."
- -h
- Print help text and exit.
- -m message_file
- Read syslog messages from the specified file instead of stdin.
- -M
- Read syslog messages from system default location.
TIMESTAMPS¶
The following timestamp formats are recognized by explain_syslog:month day [ year ] [hh:mm[:ss]] — e.g., Feb 12 2010 14:30
month day hh:mm[:ss] [ year ]
day month [ year ] [hh:mm[:ss]] — e.g., 12 Feb 14:30
day month hh:mm[:ss] [ year ]
year-month-day [hh:mm[:ss]] — e.g., 2010-2-12 14:30:00
If no year is specified, explain_syslog assumes that the timestamp is from the prior 12 months. If no hh:mm is specified, explain_syslog assumes 00:00:00.
AUTHOR¶
Written by Jim Keniston (jkenisto@us.ibm.com). Conversion of format strings to regular expressions (for matching syslog messages to catalog entries) written by Jesse Larrew (jlarrew@us.ibm.com).FILES¶
/etc/ppc64-diag/message_catalog/* — message catalogSEE ALSO¶
syslog_to_servicelog(8), syslog(3)| March 2010 | Linux |