Google


logreader

Section: User Commands (1)
Updated: 12/13/2011
Index Return to Main Contents
 

NAME

logreader - read a logstore  

SYNOPSIS

logreader [ OPTION ]... [ FILE ]...  

DESCRIPTION

logreader is a utility to read messages from logstore (8). It operates much like cat (1), in that multiple log stores can be combined inside the output stream. The utility reads the logstore and reformats it to a simpler to read form (or even the original form). While doing so, it ensures the integrity of the log data.

It is the "inverse" tool to logwriter (1), which is used to create logstores.

If no files are specified on the command line, stdin is read. Otherwise, files are processed in the order specified. You may use "-" as a special file designator for stdin (thus "logreader" and "logreader -") are equivalent.

 

OPTIONS

-b
Use brief output. This will restore data in its original form.

-c command
Perform the given command. See under "COMMANDS" which are available.

-ofile
Output file to be written. If not given, stdout is used. Note that the output file is not a logstore but a regular text file.

 

COMMANDS

read
This is the default command. It makes logreader read the logstore.

getlasthash
This outputs the last hash used inside the logstore. This is especially useful if the last hash, for later verification, shall be stored in a different location.

Note that stdin is not supported for this command. If multiple files are given as parameters, there last hash is provided each on a separate line in order of appearance in the command line. It is suggested that only a single file be given to invocations with getlasthash command.

 

OUTPUT FORMATS

The regular output format includes a three-character header that is placed in front of each original log line. The initial two characters are either "OK", which means the integrity check was successfully passed, or "VF", which stands for "verification failed". Lines with "VF" must not be trusted. The thrid character is always a colon.

If the -b options is given, the header is not present and only the original log message is written. The output of log data continues as long as the integrity check can be carried out successful. If it fails, log reading is terminated with an error message and an error exit code is set.

 

EXIT CODES

This tool terminates with exit code 0 if everything went well. A code of 1 means that an error occured. Most probably the log integrity check failed in that case. Note that when multiple log files are being procssed, a failure in one of them will lead to an exit code of 1.

 

EXAMPLE

gunzip mail.logs |logreader -b
Reconstructs the original mail log (assuming such was stored in mail.logs) and writes it to stdout. Note that the log may be incomplete when verification fails. As such, a check for logreader's exit code should be included in such command sequences.
logreader -c getlasthash -o hashfile logfile.logs
This extracts the currently used last hash from logfile.logs and stores it into the file hashfile. This can be especially useful if the output hashes are to be forwarded to a different system or media.

logreader logfile.logs |grep "^VF:"
Reads and checks the logstore logfile.logs and, due to the pipe, outputs all records where verification fails.

 

AUTHOR

Rainer Gerhards (rgerhards@adiscon.com)

 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
COMMANDS
OUTPUT FORMATS
EXIT CODES
EXAMPLE
AUTHOR
This document was created by man2html, using the manual pages.
Time: 11:06:22 GMT, December 13, 2011