2000 Judith Samson Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. You may obtain a copy of the GNU Free Documentation License from the Free Software Foundation by visiting their Web site or by writing to: Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. Many of the names used by companies to distinguish their products and services are claimed as trademarks. Where those names appear in any GNOME documentation, and those trademarks are made aware to the members of the GNOME Documentation Project, the names have been printed in caps or initial caps. This is version 1.0 of the logview manual. logview is a graphical, menu-driven viewer that you can use to view and monitor your system logs. Logview comes with a few utilities to help you manage your logs, including a calendar, log monitor and log statistics display. For some of the most common log entries, logview also displays a short description of what the log entry means. Logview is useful if you are new to system administration because it provides an easier, more user-friendly display of your logs than a text display of the log file. It is also useful for more experienced administrators, as it contains a calendar to help you locate trends and track problems, as well as a monitor to enable you to continuously monitor crucial logs. Logview is useful only to those who have access to the system log files, which generally requires root access. Logview is contained in the gnome-utils package, which is part of the GNOME desktop environment. This document describes version 0.2 of logview. To run logview, assume root status with su, then start logview from the shell prompt with the command: logview. Alternatively, if you are running your X session as root, you can open logview from the Main Menu, Programs, System, System log monitor. Unix systems record all kinds of system activity in logs. Logs are particularly useful to the system administrator for discovering intruders, tracking down problems, and improving efficiency of the system. Syslogd, the system log daemon, monitors system activity looking for loggable events. When syslogd discovers an event that should be logged, it puts it in the correct log file. Some messages, such as kernel messages, are immediately printed to the screen, while others are mailed to root. Syslogd quietly places routine messages in the appropriate log file, to wait for the system administrator to open the log file and read the messages. Syslogd's behavior is determined by the syslog configuration file /etc/syslog.conf. /etc/syslog.conf lists the kinds of events which should be logged, and the file where each event should be placed. There are two parts to an /etc/syslog.conf entry: the facility, which lists the process that involves the event, and the severity, which gives different instructions for the logging of the event, depending on its severity. A sample syslog.conf file is shown below: # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console # Log anything (except mail) of level info or higher. # Don't log private authentication messages! *.info;mail.none;authpriv.none /var/log/messages # The authpriv file has restricted access. authpriv.* /var/log/secure # Log all the mail messages in one place. mail.* /var/log/maillog # Everybody gets emergency messages, plus log them on another # machine. *.emerg * # Save mail and news errors of level err and higher in a # special file. uucp,news.crit /var/log/spooler # Save boot messages also to boot.log local7.* /var/log/boot.log When you first start logview, it opens to /var/log/messages by default. The Open dialog box automatically displays the /var/log directory. You can open as many logs simultaneously as you want, but only one log appears in the logview window at a time. To display each open log in turn, press the + key to scroll forwards through your logs in the order that you opened them, and the - key to scroll backwards. Use either the scrollbar in the logview window or the PageDn and PageUp keys to scroll through the entries of a log. The menu bar consists of four menus: File, View, Filter and Help. File This menu contains the following commands: Open log This item brings up the Open new logfile dialog for you to select a log to open. Export log This menu item is not yet available. Close log This item closes the currently active log. Switch log Although you can have multiple logs open in logview, you can view only one log at a time in the window. If you have more than one log open, Switch log displays the next open log in the log viewing window. Monitor This menu item opens the Monitor options dialog so you can select logs for monitoring. Ctrl-E Exit Quits logview, and closes all monitored logs. View This menu contains the following commands: Ctrl-C Calendar Opens the logview calendar, so you can select particular dates to view log entries, or see which dates contain log entries. Ctrl-I Log stats Displays the log stats information window, which provides basic information about the log. Ctrl-Z Zoom Provides a detailed description of the log entry. Filter The Filter menu is not yet operational. Help This menu contains the commands: Manual Shows this manual. About: Displays copyright and author information for GTimeTracker. Logview comes with a few tools to help you make use of your logs. The Calendar displays a monthly calendar, with dates that have log entries displayed in bold or colored font. Click on the date in the calendar to display the log entries for that date. The logstats tool displays basic statistics about the log, including the log full pathname, the size of the log file in bytes, the date the log was last modified, the date the log was started, the date of the most recent log entry and the number of lines in the log. Zoom opens a window with detailed information on the selected log entry. For some of the more common log entries, the zoom window also contains a description of what the log entry means. The zoom window dynamically updates as you scroll through the entries in the main logview window. To close the calendar, logstats or zoom window, use the close icon in the window title bar, as there is no close button in the logview window itself. logview comes with a simple monitoring utility. To monitor a log, open the log, then click File, Monitor. Select the log(s) to monitor from the Monitor options dialog box and click Add. The Actions and Hide App buttons are not yet operable in this version of logview. When you monitor a log, the last few entries of the log are displayed in a separate monitor window. The monitor window updates automatically as new log entries are made. As with the main logview window, you can monitor more than one log at a time, but only one log is displayed at a time. The other monitored logs are displayed as tabs in the monitor window. Other than menu items that have not yet been implemented, this application has no known bugs. Logview was written by Cesar Miquel (miquel@df.uba.ar). To find more information about logview, please visit the logview Web page. Please send all comments, suggestions, and bug reports to the GNOME bug tracking database. (Instructions for submitting bug reports can be found on-line.) If you are using GNOME 1.1 or later, you can also use Bug Report Tool (bug-buddy), available in the Utilities submenu of Main Menu, for submitting bug reports. This manual was written by Judith Samson (judith@samsonsource.com). Please send all comments and suggestions regarding this manual to the GNOME Documentation Project by sending an email to docs@gnome.org. You can also add your comments online by using the GNOME Documentation Status Table. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. A copy of the GNU General Public License is included as an appendix to the GNOME Users Guide. You may also obtain a copy of the GNU General Public License from the Free Software Foundation by visiting their Web site or by writing to

Free Software Foundation, Inc. 59 Temple Place - Suite 330 Boston, MA 02111-1307 USA