Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"
Apress - Books for Professionals by Professionals

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Glossary
MoreInfo
Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
FAQ
Copyright Info
Terms of Use
Privacy Info
Disclaimer
WorkBoard
Thanks
Donations
Advertising
Masthead / Impressum
Your Account

Communication
Feedback
Forums
Private Messages
Surveys

Features
HOWTOs
News Archive
Submit News
Topics
User Articles
Web Links

Google
Google


The Web
linux-tutorial.info

Who's Online
There are currently, 159 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here

  

evlquery



SYNOPSIS

       evlquery  is  not a command, but provides query and filter
       expression rules for the evlview, evlconfig, evlnotify and
       evlogmgr commands.


DESCRIPTION

       A  simple  query  or filter expression is a single test of
       the form

       <attribute-name> <op> <val>

       where

       · attribute-name is the name of an event attribute.

       · op is a comparison operator such as == or <.

       · val is the reference value for  the  test  (typically  a
         symbolic constant, an integer constant, or a string lit­
         eral).

       An event record is said to pass the test if the comparison
       between  the  reference  value  and the value of the named
       attribute in the event  record  evaluates  to  true  (non-
       zero).

       More  complex  queries  can  be  constructed  by combining
       queries using operators such as && and  ||  (and  and  or,
       respectively),  or  by negating a query using the ! opera­
       tor. An event record is said to match a query if the query
       expression evaluates to true (non-zero) for that record.

       The  following  table  lists  the  supported operations on
       event record attributes.

       Note that the 5th column, Std, contains either a  Y  (yes)
       if  this  row  of the table is required by the draft POSIX
       standard, or an N (no) if it represents  an  extension  in
       Linux event logging.

       Also  note  that  following each "row" of the table is the
       interpretation of <attribute-name> <op> <val>.  For  exam­
       ple, "Integer comparison".

       posix_log_entry    Attribute   Operand   Supported     Std
       Member             name        type      operations

       log_recid          recid      integer   =, !=, <,      Y
                                               <=, >, >=

       one of the following format names: NODATA, STRING, BINARY.

       log_event_type     event_type integer   =, !=, <,      Y
                                               <=, >, >=

       Integer comparison

       log_facility       facility   string    =, !=          Y

       strcmp of string representation of log_facility with  val.
       val shall be a string literal; one of the following facil­
       ity names: AUTH, CRON, DAEMON, KERN, LPR, MAIL, NEWS, SYS­
       LOG,   LOGMGMT,  USER,  LOCAL0,  LOCAL1,  LOCAL2,  LOCAL3,
       LOCAL4, LOCAL5, LOCAL6, LOCAL7,  or  other  facility  name
       defined in the facility registry.

       log_facility       facility   string    ~, !~          Y

       regexec  comparison of string representation of log_facil­
       ity with regular expression val.

       log_facility       facility   integer   =, !=, <,      N
                                               <=, >, >=

       Integer comparison.

       log_severity       severity   severity   =, !=, <,     Y
                                                <=, >, >=

       Compare of log_severity with val. val shall be one of  the
       following  severity  names: EMERG, ALERT, CRIT, ERR, WARN­
       ING, NOTICE, INFO, DEBUG.

       log_uid            uid        integer    =, !=, <,     Y
                                                <=, >, >=

       Integer comparison.

       log_uid            uid        string     =, !=         Y

       strcmp of string representation of log_uid with val.

       log_gid            gid        integer    =, !=, <,     Y
                                                <=, >, >=


       log_pgrp           pgrp       integer    =, !=, <,     Y
                                                <=, >, >=Y

       Integer comparison.

       log_time           time       integer    =, !=, <,     Y
                                                <=, >, >=Y

       Interpret val as time_t  and  perform  integer  comparison
       with log_time.tv_sec.

       log_time           time       string     =, !=,        N
                                                contains

       strcmp of string representation of log_time with val.

       log_time           time       string     ~, !~         N

       regexec  of string representation of log_time with regular
       expression val.

       log_time           age        integer    =, !=, <,     N
                                                <=, >, >=

       Comparison of the age of the event record, in  days,  with
       val.

       The  age of an event record is now (as returned by time())
       minus the event record's timestamp. now is  computed  each
       time  that the query is evaluated against an event record.

       If a letter does not follow the numeric  value  (ie.  'age
       >"7d" '), then the numeric value is interpreted as "number
       of days."

       log_time           age        string     =, !=, <,     N
                                                <=, >, >=

       Comparison of the age of the event record  with  the  time
       span  indicated  by  val.  val  shall consist of a decimal
       integer followed by the letter s (seconds), m (minutes), h
       (hours), or d (days).

       The  age of an event record is now (as returned by time())

       log_thread        thread      string     =, !=         Y

       strcmp of string representation of log_thread with val.

       log_thread        thread      integer    =, !=, <,     N
                                                <=, >, >=

       Integer comparison.

       log_processor     processor   string     =, !=         Y

       strcmp of string representation of log_thread with val.

       log_processor     processor   string     ~, !~         Y

       regexec  of  string  representation  of log_processor with
       regular expression val.

       log_processor     processor   integer    =, !=, <,     N
                                                <=, >, >=

       Integer comparison.

       None              host        string     =, !=         N

       strcmp of string representation of hostname with val.  The
       string  representation of hosts other than the local host,
       along with the integer value assigned to it, are stored in
       /var/evlog.d/evlhosts.   The integer value assigned to the
       local host is always 0.

       None              host        string     ~, !~         N

       regexec comparison of string  representation  of  hostname
       with regular expression val.  The string representation of
       hosts other than the local host, along  with  the  integer
       value assigned to it, are stored in /var/evlog.d/evlhosts.
       The integer value assigned to the local host is always  0.

       None              host        integer    =, !=         N

       Integer  comparison.   The  string representation of hosts
       If the value of log_format is POSIX_LOG_STRING, strcmp  of
       the  variable  portion  of  the record with val; otherwise
       zero.

       None              data        string     contains      Y

       Evaluates  to  1   if   the   value   of   log_format   is
       POSIX_LOG_STRING  and  the  substring  val  appears in the
       variable portion of the record; otherwise zero.

       None              data        string     ~, !~         Y

       If the value of log_format  is  POSIX_LOG_STRING,  regexec
       comparison  of the variable portion of the record with the
       regular expression val; otherwise zero.

                         6 December 2002               EVLQUERY()

An undefined database error occurred. SELECT distinct pages.pagepath,pages.pageid FROM pages, page2command WHERE pages.pageid = page2command.pageid AND commandid =


  




Login
Nickname

Password

Security Code
Security Code
Type Security Code


Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!


Amazon Wish List

Did You Know?
You can choose larger fonts by selecting a different themes.


Friends



Tell a Friend About Us

Bookmark and Share



Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.07 Seconds