analysing log files?
abartlet at pcug.org.au
Thu Sep 20 17:19:02 GMT 2001
Paul Reilly wrote:
> Does anyone know if there is a log filer parser/summarizer for samba logs?
> There's seems to be an awful lot of lanman debug output even at low
> priority level logs generated by samba.
> Ideally I'd like something which summarizes the info from the logs in a
> much more readable format , say like so:
> Sep 19 14:30:32 servername smbd [pid]: connect from foohost.bar.org [126.96.36.199]
> Sep 19 14:30:40 servername smbd [pid]: Defaulting to Lanman password for 'bloggsj'
> Sep 19 14:30:40 servername smbd [pid]: invalid password for user 'bloggsj'
> Sep 19 14:30:32 servername smbd [pid]: foohost (188.8.131.52) connect to service 'web' as user bloggsj (uid=1032, gid=500)
> Has anyone got anything like this ?
> Looking at the code, one could probably hack the samba source to produce
> logs like this, or one could write some perl which parses the verbose
> logs and produces some nicer ones. Before I do this I was wondering if
> anyone has come up with a better solution?
For login records the --with-utmp and utmp = yes configure/smb.conf
options might be what you are after, but the rest is probably best done
by fixing up some of the debugs in Samba.
Andrew Bartlett abartlet at pcug.org.au
Samba Team member, Build Farm maintainer abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba