Appendix K. Log Files Format |
Events on the Server (see , p. Dr.Web Server Logging) and the Agent are logged into a text file, where every line is a separate message. The format of a message line is as follows: <year><month><day>.<hour><minute><second>.<centisecond> <message_type> [<process_id>] <thread_name> [<message_source>] <message> where: •<year><month><date>.<hour><minute><second>.<hundredth_of_second>—exact date of message entry to the log file. •<message_type>—log level: ▫ ()—instructs to inform only of the most severe errors; ▫ ()—notify of operation errors; ▫ ()—warn about errors; ▫ ()—display important information messages; ▫ ()—display information messages; ▫ (trace0..3—tracing)—enable tracing events according to the level of detail. ( instructs to log in the maximum level of detail); ▫ (debug0..3—debugging)—instruct to log debugging events according to the level of detail ( instructs to log in the maximum level of detail).
•[<process_id>]—unique numerical identifier of the process within which the thread that wrote the message to the log file was executed. Under certain OS [<process_id>] may be represented as [<process_id> <thread_id>]. •<thread_name>—character representation of the thread within which the message was logged. •[<message_source>]—name of the system that initiated logging the message. The source is not always present. •<message>—text description according to the log level. It may include both a formal description of the event and the values of certain event-relevant variables. For example: 1.20081023.171700.74 inf [001316] mth:12 [Sch] Job "Purge unsent IS events" said OK where: •20081023—<year><month><date>, •171700—<hour><minute><second>, •74—<hundredth_of_second>, •inf—<message_type>, •[001316]—[<process_id>], •mth:12—<thread_name>, •[Sch]—[<message_source>], •Task "Purge unsent IS events" said OK—<message> about the correct performance of the events task. 2.20081028.135755.61 inf [001556] srv:0 tcp/10.3.0.55:3575/025D4F80:2: new connection at tcp/10.3.0.75:2193 where: •20081028—<year><month><date>, •135755—<hour><minute><second>, •61—<hundredth_of_second>, •inf—<message_type>, •[001556]—[<process_id>], •srv:0—<thread_name>, •tcp/10.3.0.55:3575/025D4F80:2: new connection at tcp/10.3.0.75:2193—<message> about having established a new connection through the specified socket.
|