syslog-ng-debun(1)



SYSLOG-NG-DEBUN(1)      The syslog-ng-debun manual pag      SYSLOG-NG-DEBUN(1)

NAME
       syslog-ng-debun - syslog-ng DEBUg buNdle generator

SYNOPSIS
       syslog-ng-debun [options]

DESCRIPTION
       NOTE: The syslog-ng-debun application is distributed with the system
       logging application, and is usually part of the package. The latest
       version of the application is available at .

       This manual page is only an abstract, for the complete documentation of
       syslog-ng, see The syslog-ng Administrator Guide[1].

       The syslog-ng-debun tool collects and saves information about your
       installation, making troubleshooting easier, especially if you ask help
       about your related problem.

GENERAL OPTIONS
       -r
           Run syslog-ng-debun. Using this option is required to actually
           execute the data collection with syslog-ng-debun. It is needed to
           prevent accidentally running syslog-ng-debun.

       -h
           Display the help page.

       -l
           Do not collect privacy-sensitive data, for example, process tree,
           fstab, and so on. If you use with -d, then the following parameters
           will be used for debug mode:-Fev

       -R <directory>
           The directory where is installed instead of /opt/syslog-ng.

       -W <directory>
           Set the working directory, where the debug bundle will be saved.
           Default value: /tmp. The name of the created file is
           syslog.debun.${host}.${date}.${3-random-characters-or-pid}.tgz

DEBUG MODE OPTIONS
       -d
           Start in debug mode, using the -Fedv --enable-core options.

           Warning! Using this option under high message load may increase
           disk I/O during the debug, and the resulting debug bundle can be
           huge. To exit debug mode, press Enter.

       -D <options>
           Start in debug mode, using the specified command-line options. To
           exit debug mode, press Enter. For details on the available options,
           see ???.

       -t <seconds>
           Run in noninteractive debug mode for <seconds>, and automatically
           exit debug mode after the specified number of seconds.

       -w <seconds>
           Wait <seconds> seconds before starting debug mode.

SYSTEM CALL TRACING
       -s
           Enable syscall tracing (strace -f or truss -f). Note that using -s
           itself does not enable debug mode, only traces the system calls of
           an already running process. To trace system calls in debug mode,
           use both the -s and -d options.

PACKET CAPTURE OPTIONS
       Capturing packets requires a packet capture tool on the host. The
       syslog-ng-debun tool attempts to use tcpdump on most platforms, except
       for Solaris, where it uses snoop.

       -i <interface>
           Capture packets only on the specified interface, for example, eth0.

       -p
           Capture incoming packets using the following filter: port 514 or
           port 601 or port 53

       -P <options>
           Capture incoming packets using the specified filter.

       -t <seconds>
           Run in noninteractive debug mode for <seconds>, and automatically
           exit debug mode after the specified number of seconds.

EXAMPLES
           syslog-ng-debun -r

       Create a simple debug bundle, collecting information about your
       environment, for example, list packages containing the word: syslog,
       ldd of your syslog-binary, and so on.

           syslog-ng-debun -r -l

       Similar to syslog-ng-debun -r, but without privacy-sensitive
       information. For example, the following is NOT collected: fstab, df
       output, mount info, ip / network interface configuration, DNS resolv
       info, and process tree.

           syslog-ng-debun -r -d

       Similar to syslog-ng-debun -r, but it also stops syslog-ng, then
       restarts it in debug mode (-Fedv --enable-core). To stop debug mode,
       press Enter. The output of the debug mode collected into a separate
       file, and also added to the debug bundle.

           syslog-ng-debun -r -s

       Trace the system calls (using strace or truss) of an already running
       process.

           syslog-ng-debun -r -d -s

       Restart in debug mode, and also trace the system calls (using strace or
       truss) of the process.

           syslog-ng-debun -r -p

       Run packet capture (pcap) with the filter: port 514 or port 601 or port
       53 Also waits for pressing Enter, like debug mode.

           syslog-ng-debun -r -p -t 10

       Noninteractive debug mode: Similar to syslog-ng-debun -r -p, but
       automatically exit after 10 seconds.

           syslog-ng-debun -r -P "host 1.2.3.4"  -D "-Fev --enable-core"

       Change the packet-capturing filter from the default to host 1.2.3.4.
       Also change debugging parameters from the default to -Fev
       --enable-core. Since a timeout (-t) is not given, waits for pressing
       Enter.

           syslog-ng-debun -r -p -d -w 5 -t 10

       Collect pcap and debug mode output following this scenario:

       o   Start packet capture with default parameters (-p)

       o   Wait 5 seconds (-w 5)

       o   Stop syslog-ng

       o   Start syslog-ng in debug mode with default parameters (-d)

       o   Wait 10 seconds (-t 10)

       o   Stop syslog-ng debuging

       o   Start syslog-ng

       o   Stop packet capturing

FILES
       /usr/bin/loggen

SEE ALSO
       syslog-ng.conf(5)

           Note
           For the detailed documentation of see The 3.13 Administrator
           Guide[2]

           If you experience any problems or need help with syslog-ng, visit
           the syslog-ng mailing list[3].

           For news and notifications about of syslog-ng, visit the syslog-ng
           blogs[4].

AUTHOR
       This manual page was written by the Balabit Documentation Team
       <documentation@balabit.com>.

COPYRIGHT
NOTES
        1. The syslog-ng Administrator Guide
           https://www.balabit.com/support/documentation/

        2. The  3.13 Administrator Guide
           https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/index.html

        3. syslog-ng mailing list
           https://lists.balabit.hu/mailman/listinfo/syslog-ng

        4. syslog-ng blogs
           https://syslog-ng.org/blogs/

3.13                              03/04/2018                SYSLOG-NG-DEBUN(1)

Man(1) output converted with man2html
list of all man pages