 |
Index for
Section 1 |
|
 |
Alphabetical
listing for E |
|
 |
Bottom of
page |
|
evmget(1)
NAME
evmget - Retrieves stored events
SYNOPSIS
evmget [-e] [-f filter_expr] [-h hostname[:port_no]]...
OPTIONS
-e Terminates after validating the supplied command parameters. This
feature can be used to check the syntax of a filter expression or to
verify the ability to establish a remote connection.
-f filter_expr
Outputs only events which match the filter_expr. See the EvmFilter(5)
reference page for the syntax of filter_expr.
-h hostname[:port_no]
Attempts to connect to the EVM daemon on the host hostname, rather than
to the local daemon.
This option may be repeated to obtain events from several hosts. If
the name of the local host is specified, a remote connection is made to
the local daemon.
If :port_no is specified, port_no is used for TCP communication with
the remote EVM daemon; otherwise, the evm port number found in
/etc/services is used. If no entry is found in /etc/services, the
reserved default value of 619 is used. The port number must be the
same as the portnum specified in the EVM daemon configuration file,
/etc/evmdaemon.conf. In most cases, the default should be used.
OPERANDS
None
DESCRIPTION
The evmget command retrieves stored events and outputs them to stdout as
EVM events. Events are obtained from a configured set of log files and
event channels, using channel-specific retrieval functions as specified in
the channel configuration file. Events are output in raw (binary) form,
and must be piped through evmshow if display is required.
Because events may be retrieved from more than one source, there is no
guarantee that they will be returned in any particular order. Ordering can
be controlled by piping the event stream through evmsort.
For security reasons, the ability to make a remote connection for event
retrieval is controlled by the setting of remote_connection in the daemon
configuration file, /etc/evmdaemon.conf.
RESTRICTIONS
The evmget command rejects attempts to output raw events to a terminal
device.
The evmget command will retrieve only events for which the user has access
authorization. See evm.auth(4) for details on access authorization.
EXAMPLES
The following example uses evmget to retrieve events and pipes the events
through evmshow to display the events.
evmget | evmshow | more
In the following example, all available events are retrieved and piped to
evmshow for formatting.
evmget | evmshow -t "@timestamp @@"
This example retrieves only events which have a priority value of at least
500. The raw events are sorted into descending timestamp order and stored
in a file.
evmget -f "[priority >= 500]" | evmsort -s @timestamp- > my_eventfile
This example uses a stored filter to retrieve all AdvFS events, sorts them
into ascending timestamp order (the default order), and displays them.
evmget -f "@sys:advfs" | evmsort | evmshow -t "@timestamp @@"
This example retrieves events from two remote hosts, sorts them into
chronological and hostname order, and displays them.
evmget -f "[priority >= 600]" -h kipper -h sniffer |
evmsort -s "@timestamp:@host_name" |
evmshow -t "@timestamp @host_name%8 @@"
EXIT VALUES
The following exit values are returned:
0 Successful completion
not 0
An error occurred
FILES
/etc/evmchannel.conf
Location of the EVM channel configuration file.
/etc/evmdaemon.conf
Location of the EVM daemon configuration file.
/etc/services
Definition of the sockets and protocols used for Internet
services.
SEE ALSO
Commands: evmpost(1), evminfo(1), evmshow(1), evmsort(1), evmwatch(1)
Files: evmchannel.conf(4), evmdaemon.conf(4), evmfilterfile(4), services(4)
Event Management: EVM(5)
EVM Events: EvmEvent(5)
Event Filter: EvmFilter(5)
|
Index for
Section 1 |
|
|
Alphabetical
listing for E |
|
 |
Top of
page |
|