IBM Enterprise Console manual Log File Example, v %lengths+, v %t

Matches one constant in the message. The optional length is a decimal number of any size and allows the constant to be truncated to the length if the constant actual length is greater than the specifier length.

v%[length]s*

Matches zero or more constants in the system log message. The optional length is a decimal number of any size and allows any of the accumulated constants to be truncated to the length if the constant actual length is greater than the specifier length.

v%[length]s+

Matches one or more constants in the message. The optional length is a decimal number of any size and allows any of the accumulated constants to be truncated to the length if the constant actual length is greater than the specifier length.

v%t

Matches a time stamp of the following form: month date time

Log File Example

The following successful su message from a system log is an example of matching a system log message to the generic format specification mentioned in the preceding section:

Sep 13 12:17:11 elcap su: ’su root’ succeeded for tjones on /dev/ttyp0

The component specifiers and matches are as follows:

%t Sep 13 12:17:11

%s elcap

%s* su: ’su root’ succeeded for tjones on /dev/ttyp0

The system log message contains some constant parts and some variable parts. The constant parts of the system log message will be the same for any successful su message. The constant parts are as follows:

vsu: ’su

v’ succeeded for

von

The variable parts of the example system log message are as follows:

vSep 13 12:17:11

velcap

vroot

vtjones

v/dev/ttyp0

The following example shows how the variable data differs in another successful su message:

Sep 29 14:57:28 aspen su: ’su root’ succeeded for jsmith on /dev/ttypd

The general format specification %t %s %s* can be specialized for the Su_Success event class as follows:

%t %s su: ’su %s’ succeeded for %s on %s

Appendix B. Format File Reference 147