Types
LogDir = string()
Mibs = [MibName]
OutFile = string()
MibName = string()
LogName = string()
LogFile = string()
Start = Stop = null | datetime() | {local_time,datetime()} | {universal_time,datetime()}
Block = boolean()
Cnt = {NumOK, NumERR}
NumOK = non_neg_integer()
NumERR = pos_integer()
Reason = term()
Converts an Audit Trail Log to a readable text file, where each item has a trailing TAB character, and any TAB character in the body of an item has been replaced by ESC TAB.
The function can be used on a running system, or by copying the entire log directory and calling this function. SNMP must be running in order to provide MIB information.
LogDir is the name of the directory where the audit trail log is stored. Mibs is a list of Mibs to be used. The function uses the information in the Mibs to convert for example object identifiers to their symbolic name. OutFile is the name of the generated text-file. LogName is the name of the log, LogFile is the name of the log file. Start is the start (first) date and time from which log events will be converted and Stop is the stop (last) date and time to which log events will be converted. The Block argument indicates if the log should be blocked during conversion. This could be useful when converting large logs (when otherwise the log could wrap during conversion). Defaults to true.
The format of an audit trail log text item is as follows:
Tag Addr - Community [TimeStamp] Vsn
PDU
where Tag is request, response, report, trap or inform; Addr is IP:Port (or comma space separated list of such); Community is the community parameter (SNMP version v1 and v2), or SecLevel:"AuthEngineID":"UserName" (SNMP v3); TimeStamp is a date and time stamp, and Vsn is the SNMP version. PDU is a textual version of the protocol data unit. There is a new line between Vsn and PDU.
If the entire log is successfully converted, the function will return ok. If one of more entries fail to convert, the function will instead return {ok, {NumOK, NumERR}}, where the counters indicate how many valid and erroneous entries where found. If instead {error, Reason} is returned, the conversion encountered a fatal error and where either never done of aborted midway.