11.31.2 Log Entry Format

Entries in the log consist of the following components:

• Tag consisting of:
  • Time of day ( hhmmss )
  • Machine name (for example, the name returned by the uname(1) command on a UNIX system)
  • Name, process ID, and thread ID (which is 0 on platforms that do not support threads) of the thread calling userlog (3c)
  • Context ID of the thread calling userlog(3c)
• Message text

  The text of each message is preceded by the catalog name and number of that message.

• Optional arguments in printf(3S) format

For example, suppose that a security program executes the following call at 4:22:14pm on a UNIX machine called mach1 (as returned by the uname command):

userlog("Unknown User ’%s’ \n", usrnm);

The resulting log entry appears as follows:

162214.mach1!security.23451: Unknown User ’abc’

In this example, the process ID for security is 23451, and the variable usrnm contains the value abc.

If the preceding message was generated by the Oracle Tuxedo system (rather than by the application), it might appear as follows:

162214.mach1!security.23451: LIBSEC_CAT: 999: Unknown User ’abc’

In this case, the message catalog name is LIBSEC_CAT and the message number is 999.

If the message is sent to the central event log while the process is in transaction mode, other components are added to the tag in the user log entry. These components consist of the literal string gtrid followed by three long hexadecimal integers. The integers uniquely identify the global transaction and make up what is referred to as the global transaction identifier, that is, the gtrid. This identifier is used mainly for administrative purposes, but it also appears in the tag that prefixes the messages in the central event log. If the system writes the message to the central event log in transaction mode, the resulting log entry appears as follows:

162214.mach1!security.23451: gtrid x2 x24e1b803 x239: Unknown User ’abc’