GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SYSLOG-NG-DEBUN(1) The syslog-ng-debun manual pag SYSLOG-NG-DEBUN(1)

syslog-ng-debun - syslog-ng DEBUg buNdle generator

syslog-ng-debun [options]

NOTE: The syslog-ng-debun application is distributed with the system logging application, and is usually part of the package. The latest version of the application is available at .

This manual page is only an abstract, for the complete documentation of syslog-ng, see The syslog-ng Administrator Guide[1].

The syslog-ng-debun tool collects and saves information about your installation, making troubleshooting easier, especially if you ask help about your related problem.

-r
Run syslog-ng-debun. Using this option is required to actually execute the data collection with syslog-ng-debun. It is needed to prevent accidentally running syslog-ng-debun.

-h

Display the help page.

-l

Do not collect privacy-sensitive data, for example, process tree, fstab, and so on. If you use with -d, then the following parameters will be used for debug mode:-Fev

-R <directory>

The directory where is installed instead of /opt/syslog-ng.

-W <directory>

Set the working directory, where the debug bundle will be saved. Default value: /tmp. The name of the created file is syslog.debun.${host}.${date}.${3-random-characters-or-pid}.tgz

-d
Start in debug mode, using the -Fedv --enable-core options.

Warning! Using this option under high message load may increase disk I/O during the debug, and the resulting debug bundle can be huge. To exit debug mode, press Enter.

-D <options>

Start in debug mode, using the specified command-line options. To exit debug mode, press Enter. For details on the available options, see ???.

-t <seconds>

Run in noninteractive debug mode for <seconds>, and automatically exit debug mode after the specified number of seconds.

-w <seconds>

Wait <seconds> seconds before starting debug mode.

-s
Enable syscall tracing (strace -f or truss -f). Note that using -s itself does not enable debug mode, only traces the system calls of an already running process. To trace system calls in debug mode, use both the -s and -d options.

Capturing packets requires a packet capture tool on the host. The syslog-ng-debun tool attempts to use tcpdump on most platforms, except for Solaris, where it uses snoop.

-i <interface>

Capture packets only on the specified interface, for example, eth0.

-p

Capture incoming packets using the following filter: port 514 or port 601 or port 53

-P <options>

Capture incoming packets using the specified filter.

-t <seconds>

Run in noninteractive debug mode for <seconds>, and automatically exit debug mode after the specified number of seconds.

syslog-ng-debun -r

Create a simple debug bundle, collecting information about your environment, for example, list packages containing the word: syslog, ldd of your syslog-binary, and so on.

syslog-ng-debun -r -l

Similar to syslog-ng-debun -r, but without privacy-sensitive information. For example, the following is NOT collected: fstab, df output, mount info, ip / network interface configuration, DNS resolv info, and process tree.

syslog-ng-debun -r -d

Similar to syslog-ng-debun -r, but it also stops syslog-ng, then restarts it in debug mode (-Fedv --enable-core). To stop debug mode, press Enter. The output of the debug mode collected into a separate file, and also added to the debug bundle.

syslog-ng-debun -r -s

Trace the system calls (using strace or truss) of an already running process.

syslog-ng-debun -r -d -s

Restart in debug mode, and also trace the system calls (using strace or truss) of the process.

syslog-ng-debun -r -p

Run packet capture (pcap) with the filter: port 514 or port 601 or port 53 Also waits for pressing Enter, like debug mode.

syslog-ng-debun -r -p -t 10

Noninteractive debug mode: Similar to syslog-ng-debun -r -p, but automatically exit after 10 seconds.

syslog-ng-debun -r -P "host 1.2.3.4"  -D "-Fev --enable-core"

Change the packet-capturing filter from the default to host 1.2.3.4. Also change debugging parameters from the default to -Fev --enable-core. Since a timeout (-t) is not given, waits for pressing Enter.

syslog-ng-debun -r -p -d -w 5 -t 10

Collect pcap and debug mode output following this scenario:

•Start packet capture with default parameters (-p)

•Wait 5 seconds (-w 5)

•Stop syslog-ng

•Start syslog-ng in debug mode with default parameters (-d)

•Wait 10 seconds (-t 10)

•Stop syslog-ng debugging

•Start syslog-ng

•Stop packet capturing

/usr/local/bin/loggen

syslog-ng.conf(5)


Note

For the detailed documentation of see The 3.36 Administrator Guide[2]

If you experience any problems or need help with syslog-ng, visit the syslog-ng mailing list[3].

For news and notifications about of syslog-ng, visit the syslog-ng blogs[4].

This manual page was written by the Balabit Documentation Team <documentation@balabit.com>.

1.
The syslog-ng Administrator Guide
https://www.balabit.com/support/documentation/
2.
The 3.36 Administrator Guide
https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/index.html
3.
syslog-ng mailing list
https://lists.balabit.hu/mailman/listinfo/syslog-ng
4.
syslog-ng blogs
https://syslog-ng.org/blogs/
03/04/2022 3.36
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.