samba-log-parser(1)

1SAMBA-LOG-PARSER(1)              User Commands             SAMBA-LOG-PARSER(1)
2
3
4

NAME

6       samba-log-parser - Samba (winbind) trace parser.
7
8       options:
9         -h, --help     show this help message and exit
10         --traceid ID   specify the traceid of the trace records
11         --pid PID      specify the pid of winbind client
12         --breakdown    breakdown the traces into per traceid files
13         --merge-by-timestamp   merge logs by timestamp
14         --flow         show the request/sub-request flow traces
15         --flow-compact show the request/sub-request flow traces without
16       dcerpc details
17

SYNOPSIS

19       samba-log-parser {path} [--pid=PID] [--traceid=ID] [--breakdown]
20        [--merge-by-timestamp] [--flow] [--flow-compact] [-h|--help]
21

DESCRIPTION

23       This tool is part of the samba(7) suite.
24
25       The samba-log-parser program parses samba winbind logs.
26

OPTIONS

28       The following options are available to the samba-log-parser program.
29
30       --pid=PID
31           Display traces for winbind client with the matching PID.
32
33       --traceid=ID
34           Display traces with matching traceid debug header field.
35
36       --breakdown
37           Break down all traces to separate files in the current working
38           directory. For each traceid, three files are created: traceid.full
39           traceid.flow traceid.flowcompact
40
41       --merge-by-timestamp
42           Sort the trace lines according to the timestamp. Works with log
43           files without traceid header field as well.
44
45       --flow
46           Display the request/sub-request flow.
47
48       --flow-compact
49           Display the request/sub-request flow without dcerpc call details.
50

EXAMPLES

52       Show the flow traces for trace id 1234 from log file log.winbind:
53
54                # samba-log-parser --traceid 1234 --flow /var/log/samba/log.winbind
55
56
57       Show the full traces for winbind client with PID 999999 sorted using
58       the timestamp for log files found in the samba log directory:
59
60                # samba-log-parser --pid 999999 --merge-by-timestamp /var/log/samba
61
62
63       Break down the traces into separate files according to traceid sorted
64       using the timestamp for log files found in the samba log directory:
65
66                # samba-log-parser --breakdown --merge-by-timestamp /var/log/samba
67
68
69       Sort traces using the timestamp for log files found in the samba log
70       directory. Traces do not need to contain the traceid header field.
71
72                # samba-log-parser --merge-by-timestamp /var/log/samba
73
74

VERSION

76       This man page is part of version 4.19.3 of the Samba suite.
77

AUTHOR

79       The original Samba software and related utilities were created by
80       Andrew Tridgell. Samba is now developed by the Samba Team as an Open
81       Source project similar to the way the Linux kernel is developed.
82
83
84
85Samba 4.19.3                      11/27/2023               SAMBA-LOG-PARSER(1)