There was an IETF draft in 1999 by Abela and Debeaupuis called "Universal Format for Logger Messages" that addresses this issue. When the IETF Syslog working group formed, I XML-ized it with the thinking that it would make a good basis for this sort of thing. Unfortunately, the Syslog working group decided it was outside of its scope, and it's sort of languished as I've moved on to other things. However, I have gotten some interest in it from time to time, and I offer it here as a good starting point... -----Original Message----- From: edward.j.sargissonat_private [mailto:edward.j.sargissonat_private] Sent: Monday, August 13, 2001 6:18 PM To: loganalysisat_private Subject: [loganalysis] Logging standards and such I've been following the discussion of various logging standards, storage daemons and parsers. There appears to be a plethora of different log formats and a need to be able to monitor what is happening from a central points. However there doesn't seem to be a well-known common standard. Why don't we have a look at defining a common logging standard ourselves? We could then write little adaptors which hook into the custom formats and spit out our common standard. On top of that we can write standard parsing engines that can look at all the traffic and pass it through to standard interface tools (e.g. GUI or mail). I imagine there's enough talent here to do a good job. What do you think? Edward (I speak for myself and not my firm). __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Aug 15 2001 - 11:20:31 PDT