1SYSLOG-NG-DEBUN(1)      The syslog-ng-debun manual pag      SYSLOG-NG-DEBUN(1)
2
3
4

NAME

6       syslog-ng-debun - syslog-ng DEBUg buNdle generator
7

SYNOPSIS

9       syslog-ng-debun [options]
10

DESCRIPTION

12       NOTE: The syslog-ng-debun application is distributed with the system
13       logging application, and is usually part of the package. The latest
14       version of the application is available at .
15
16       This manual page is only an abstract, for the complete documentation of
17       syslog-ng, see The syslog-ng Administrator Guide[1].
18
19       The syslog-ng-debun tool collects and saves information about your
20       installation, making troubleshooting easier, especially if you ask help
21       about your related problem.
22

GENERAL OPTIONS

24       -r
25           Run syslog-ng-debun. Using this option is required to actually
26           execute the data collection with syslog-ng-debun. It is needed to
27           prevent accidentally running syslog-ng-debun.
28
29       -h
30           Display the help page.
31
32       -l
33           Do not collect privacy-sensitive data, for example, process tree,
34           fstab, and so on. If you use with -d, then the following parameters
35           will be used for debug mode:-Fev
36
37       -R <directory>
38           The directory where is installed instead of /opt/syslog-ng.
39
40       -W <directory>
41           Set the working directory, where the debug bundle will be saved.
42           Default value: /tmp. The name of the created file is
43           syslog.debun.${host}.${date}.${3-random-characters-or-pid}.tgz
44

DEBUG MODE OPTIONS

46       -d
47           Start in debug mode, using the -Fedv --enable-core options.
48
49           Warning! Using this option under high message load may increase
50           disk I/O during the debug, and the resulting debug bundle can be
51           huge. To exit debug mode, press Enter.
52
53       -D <options>
54           Start in debug mode, using the specified command-line options. To
55           exit debug mode, press Enter. For details on the available options,
56           see ???.
57
58       -t <seconds>
59           Run in noninteractive debug mode for <seconds>, and automatically
60           exit debug mode after the specified number of seconds.
61
62       -w <seconds>
63           Wait <seconds> seconds before starting debug mode.
64

SYSTEM CALL TRACING

66       -s
67           Enable syscall tracing (strace -f or truss -f). Note that using -s
68           itself does not enable debug mode, only traces the system calls of
69           an already running process. To trace system calls in debug mode,
70           use both the -s and -d options.
71

PACKET CAPTURE OPTIONS

73       Capturing packets requires a packet capture tool on the host. The
74       syslog-ng-debun tool attempts to use tcpdump on most platforms, except
75       for Solaris, where it uses snoop.
76
77       -i <interface>
78           Capture packets only on the specified interface, for example, eth0.
79
80       -p
81           Capture incoming packets using the following filter: port 514 or
82           port 601 or port 53
83
84       -P <options>
85           Capture incoming packets using the specified filter.
86
87       -t <seconds>
88           Run in noninteractive debug mode for <seconds>, and automatically
89           exit debug mode after the specified number of seconds.
90

EXAMPLES

92           syslog-ng-debun -r
93
94       Create a simple debug bundle, collecting information about your
95       environment, for example, list packages containing the word: syslog,
96       ldd of your syslog-binary, and so on.
97
98           syslog-ng-debun -r -l
99
100       Similar to syslog-ng-debun -r, but without privacy-sensitive
101       information. For example, the following is NOT collected: fstab, df
102       output, mount info, ip / network interface configuration, DNS resolv
103       info, and process tree.
104
105           syslog-ng-debun -r -d
106
107       Similar to syslog-ng-debun -r, but it also stops syslog-ng, then
108       restarts it in debug mode (-Fedv --enable-core). To stop debug mode,
109       press Enter. The output of the debug mode collected into a separate
110       file, and also added to the debug bundle.
111
112           syslog-ng-debun -r -s
113
114       Trace the system calls (using strace or truss) of an already running
115       process.
116
117           syslog-ng-debun -r -d -s
118
119       Restart in debug mode, and also trace the system calls (using strace or
120       truss) of the process.
121
122           syslog-ng-debun -r -p
123
124       Run packet capture (pcap) with the filter: port 514 or port 601 or port
125       53 Also waits for pressing Enter, like debug mode.
126
127           syslog-ng-debun -r -p -t 10
128
129       Noninteractive debug mode: Similar to syslog-ng-debun -r -p, but
130       automatically exit after 10 seconds.
131
132           syslog-ng-debun -r -P "host 1.2.3.4"  -D "-Fev --enable-core"
133
134       Change the packet-capturing filter from the default to host 1.2.3.4.
135       Also change debugging parameters from the default to -Fev
136       --enable-core. Since a timeout (-t) is not given, waits for pressing
137       Enter.
138
139           syslog-ng-debun -r -p -d -w 5 -t 10
140
141       Collect pcap and debug mode output following this scenario:
142
143       ·   Start packet capture with default parameters (-p)
144
145       ·   Wait 5 seconds (-w 5)
146
147       ·   Stop syslog-ng
148
149       ·   Start syslog-ng in debug mode with default parameters (-d)
150
151       ·   Wait 10 seconds (-t 10)
152
153       ·   Stop syslog-ng debuging
154
155       ·   Start syslog-ng
156
157       ·   Stop packet capturing
158

FILES

160       /usr/local/bin/loggen
161

SEE ALSO

163       syslog-ng.conf(5)
164
165           Note
166           For the detailed documentation of see The 3.25 Administrator
167           Guide[2]
168
169           If you experience any problems or need help with syslog-ng, visit
170           the syslog-ng mailing list[3].
171
172           For news and notifications about of syslog-ng, visit the syslog-ng
173           blogs[4].
174

AUTHOR

176       This manual page was written by the Balabit Documentation Team
177       <documentation@balabit.com>.
178

NOTES

181        1. The syslog-ng Administrator Guide
182           https://www.balabit.com/support/documentation/
183
184        2. The  3.25 Administrator Guide
185           https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/index.html
186
187        3. syslog-ng mailing list
188           https://lists.balabit.hu/mailman/listinfo/syslog-ng
189
190        4. syslog-ng blogs
191           https://syslog-ng.org/blogs/
192
193
194
1953.25                              12/12/2019                SYSLOG-NG-DEBUN(1)
Impressum