Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   18016 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

logcheck-test(1)					      logcheck-test(1)

NAME
       logcheck-test - test new logcheck rules easily

SYNOPSIS
       logcheck-test [-q|-i] [-a|-s|-l FILE] [-e] [-P PREFIX] [-S SUFFIX] RULE
       logcheck-test [-q|-i] [-a|-s|-l FILE] -r RULEFILE

DESCRIPTION
       logcheck-test  parses a log file for matching lines specified by a sin‐
       gle rule or a rule file. If using a single RULE you can	set  a	PREFIX
       and a SUFFIX to write new rules easily.

OPTIONS
       -h, --help
	      Show usage information

       -a, --auth.log
	      Parse /var/log/auth.log for matching lines

       -s, --syslog
	      Parse /var/log/syslog for matching lines

       -l, --log-file FILE
	      Parse FILE for matching lines

       -i, --invert-match
	      Show line that don't match the RULE or the RULEFILE

       -q, --quiet
	      Suppress rule summary at the end of output

       -e, --surround-rule
	      Surround RULE with standard prefix and suffix:

	      ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]-]+ RULE$

       -P, --append-prefix PREFIX
	      Append PREFIX to rule prefix. Option can be given multiple times

       -S, --prepend-suffix SUFFIX
	      Prepend  SUFFIX  to  rule	 suffix.  Option can be given multiple
	      times

       -r, --rule-file RULEFILE
	      Use file RULEFILE for rule input

EXAMPLES
       With logcheck-test you can easily write and test new rules.

       Test a single rule against /var/log/syslog:
	      logcheck -s "RULE"

       Test a single rule against ~/log, surround the rule with standard  pre‐
       fix and suffix and append "kernel " to prefix:
	      logcheck -l ~/log -e -P "kernel " "RULE"

       Test the rules in rulefiles/linux/ignore.d.server/kernel against ~/log:
	      logcheck -l ~/log -r rulefiles/linux/ignore.d.server/kernel

       Test  which  lines  the rules in rulefiles/linux/ignore.d.server/kernel
       doesn't match:
	      logcheck -l ~/log -r rulefiles/linux/ignore.d.server/kernel -i


EXIT STATUS
       On successful matching logcheck-test will complete with exit code 0. An
       exit code of 1 indicates no successful matching.

       An exit code greater then 1 indicates an error occurred. Textual errors
       are written to the standard error stream.

SEE ALSO
       logcheck(8)

AUTHOR
       logcheck	 is   developed	  by   Debian	logcheck   Team	  at   alioth:
       http://alioth.debian.org/projects/logcheck/. This manual was written by
       Hannes von Haugwitz <hannes@vonhaugwitz.com>.

				 Feb 19, 2010		      logcheck-test(1)

Vote for polarhome