1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
|
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!--
`xsltproc -''-nonet \
-''-param man.charmap.use.subset "0" \
-''-param make.year.ranges "1" \
-''-param make.single.year.ranges "1" \
/usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl \
manpage.xml'
A manual page <package>.<section> will be generated. You may view the
manual page with: nroff -man <package>.<section> | less'. A typical entry
in a Makefile or Makefile.am is:
DB2MAN = /usr/share/sgml/docbook/stylesheet/xsl/docbook-xsl/manpages/docbook.xsl
XP = xsltproc -''-nonet -''-param man.charmap.use.subset "0"
manpage.1: manpage.xml
$(XP) $(DB2MAN) $<
The xsltproc binary is found in the xsltproc package. The XSL files are in
docbook-xsl. A description of the parameters you can use can be found in the
docbook-xsl-doc-* packages. Please remember that if you create the nroff
version in one of the debian/rules file targets (such as build), you will need
to include xsltproc and docbook-xsl in your Build-Depends control field.
Alternatively use the xmlto command/package. That will also automatically
pull in xsltproc and docbook-xsl.
Notes for using docbook2x: docbook2x-man does not automatically create the
AUTHOR(S) and COPYRIGHT sections. In this case, please add them manually as
<refsect1> ... </refsect1>.
To disable the automatic creation of the AUTHOR(S) and COPYRIGHT sections
read /usr/share/doc/docbook-xsl/doc/manpages/authors.html. This file can be
found in the docbook-xsl-doc-html package.
Validation can be done using: `xmllint -''-noout -''-valid manpage.xml`
General documentation about man-pages and man-page-formatting:
man(1), man(7), http://www.tldp.org/HOWTO/Man-Page/
-->
<!-- Fill in your name for FIRSTNAME and SURNAME. -->
<!ENTITY dhfirstname "Markus">
<!ENTITY dhsurname "Wurzenberger">
<!-- dhusername could also be set to "&dhfirstname; &dhsurname;". -->
<!ENTITY dhusername "Markus Wurzenberger">
<!ENTITY dhemail "markus.wurzenberger@ait.ac.at">
<!-- SECTION should be 1-8, maybe w/ subsection other parameters are
allowed: see man(7), man(1) and
http://www.tldp.org/HOWTO/Man-Page/q2.html. -->
<!ENTITY dhsection "1">
<!-- TITLE should be something like "User commands" or similar (see
http://www.tldp.org/HOWTO/Man-Page/q2.html). -->
<!ENTITY dhtitle "logdata-anomaly-miner User Manual">
<!ENTITY dhucpackage "LOGDATA-ANOMALY-MINER">
<!ENTITY dhpackage "logdata-anomaly-miner">
]>
<refentry>
<refentryinfo>
<title>&dhtitle;</title>
<productname>&dhpackage;</productname>
<authorgroup>
<author>
<firstname>&dhfirstname;</firstname>
<surname>&dhsurname;</surname>
<contrib>Wrote this manpage for the Debian system.</contrib>
<address>
<email>&dhemail;</email>
</address>
</author>
</authorgroup>
<copyright>
<year>2016</year>
<holder>&dhusername;</holder>
</copyright>
<legalnotice>
<para>This manual page was written for the Debian system
(and may be used by others).</para>
<para>Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU General Public License,
Version 3.</para>
<para>On Debian systems, the complete text of the GNU General Public
License can be found in
<filename>/usr/share/common-licenses/GPL</filename>.</para>
</legalnotice>
</refentryinfo>
<refmeta>
<refentrytitle>AMINER</refentrytitle>
<manvolnum>&dhsection;</manvolnum>
</refmeta>
<refnamediv>
<refname>aminer</refname>
<refpurpose>lightweight tool for log checking, log analysis</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>aminer</command>
<!-- These are several examples, how syntaxes could look -->
<arg choice="plain"><option>--Config|--config|-c <replaceable>file</replaceable></option></arg>
<arg choice="plain"><option>[OPTIONS]...</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id="description">
<title>DESCRIPTION</title>
<para>This manual page documents briefly the <command>aminer</command>
command. For more details see packaged documentation at
/usr/share/doc/logdata-anomaly-miner.</para>
</refsect1>
<refsect1 id="options">
<title>OPTIONS</title>
<variablelist>
<!-- Use the variablelist.term.separator and the
variablelist.term.break.after parameters to
control the term elements. -->
<varlistentry>
<term><option>--config, -c <replaceable>file</replaceable></option></term>
<listitem>
<para>Specify the configuration file, otherwise /etc/aminer/config.py
is used. See /etc/aminer/template_config.py or /etc/aminer/template_config.yml
for configuration file templates and examples.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--daemon, -D</option></term>
<listitem>
<para>With this parameter, aminer will detach from
the terminal and daemonize. When not in foreground mode,
aminer will also change the working directory to /,
hence relative path in configuration file will not work.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--stat, -s <replaceable>stat-level</replaceable></option></term>
<listitem>
<para>Set the statistic logging level. Possible stat-levels
are 0 for no statistics, 1 (default) for normal statistic
level and 2 for verbose statistics.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--debug, -d <replaceable>debug-level</replaceable></option></term>
<listitem>
<para>Set the debug logging level. Possible debug-levels are 0 for no debugging,
1 (default) for normal output (INFO and above), 2 for printing all debug information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--run-analysis</option></term>
<listitem>
<para>INTERNAL PARAMETER - DO NOT USE. It is just documented
here for completeness.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--restore, -R <replaceable>backup-directory</replaceable></option></term>
<listitem>
<para>Restores the persistence directory from <replaceable>backup-directory</replaceable>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--clear, -C</option></term>
<listitem>
<para>With this parameter all persisted data in config_properties['Core.PersistenceDir']
is deleted. USE THIS PARAMETER CAREFULLY. IT DELETES ALL
SUB-DIRECTORIES OF THE PERSISTENCE DIRECTORY.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--remove, -r <replaceable>directory</replaceable></option></term>
<listitem>
<para>Remove persisted data of one Detector.</para>
<para><option>Example 1: </option>--remove NewMatchPathDetector</para>
<para><option>Example 2: </option>--remove NewMatchPathDetector --remove EventCorrelationDetector</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--from-begin, -f</option></term>
<listitem>
<para>With this parameter all live data in
config_properties['Core.PersistenceDir']/AnalysisChild/RepositioningData
is deleted.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--help, -h</option></term>
<listitem>
<para>Prints the help-screen</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--version, -v</option></term>
<listitem>
<para>Prints the version-string</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="files">
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/aminer/config.py</filename></term>
<listitem>
<para>The main configuration file for the aminer daemon.
See /etc/aminer/template_config.py and /etc/aminer/template_config.yml
for configuration file templates and examples.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="bugs">
<title>BUGS</title>
<para>
Report bugs via your distribution's bug tracking system.
For bugs in the the software trunk, report via
at <ulink url="https://github.com/ait-aecid/logdata-anomaly-miner/issues"/>.</para>
<para>At startup, aminer will quite likely print out some
security warnings to increase transparency. They are here
just to remind you of the limitations the current implementation.
They should be the same as for nearly all other programs
on your platform, just that others do not tell you. See
the source code documentation for a short explanation, why
a given part of the implementation is not that secure as
it could be when leveraging the security features a platform
could provide you.</para>
</refsect1>
<refsect1 id="see_also">
<title>SEE ALSO</title>
<!-- In alpabetical order. -->
<para>
<citerefentry><refentrytitle>aminerremotecontrol</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>
|
