The real extensions to the format need to come in the form of higher level event stamps and maybe the inclusion of time stamping tokens. Todd ----- Original Message ----- From: "Chris M. Lonvick" <clonvickat_private> To: "Wright, Joseph G (Gregory), GOVMK" <josephgwrightat_private>; "'Been Reading Your Logs Lately?'" <tanat_private> Cc: <loganalysisat_private> Sent: Monday, August 20, 2001 5:50 AM Subject: RE: [loganalysis] Logging standards and such > At 09:55 AM 8/17/2001 -0400, Wright, Joseph G (Gregory), GOVMK wrote: > > >At this time, syslog-reliable is an internet draft, and Chris > >Lonvick is probably in a better position to say where Mr. Rose > >stands on moving it from internet draft to standards track. But, > >since syslog-reliable serves as an implementation of BEEP (which > >is on the standards track), I would be willing to bet that > >syslog-reliable will move towards the standards track relatively > >soon... and we want a "standard", correct? > > Hi Gregory and all, > > syslog-reliable has been submitted to the IESG. They came > back with some items that needed clarification, which have > been addressed by Darren and Marshall in -12.txt. I expect > that it will be approved in the next few days. From there > it takes about 2 months for the RFC editors to go through > it and publish it. It is on the Standards Track. > > I saw a note earlier from Tina that said, in part: > === > Dudes -- A data format specification doesn't need to > specify the transport layer, so to some extent the > discussion of the best way to get the logging data from > the client to the loghost is not part of a log format > spec. > === > I'll agree with that and suggest that the discussion of > the transport be moved over to the syslog-sec mailing > list (syslog-secat_private). Please review the archives > before posting. :-) The work to be done is to review and > comment upon syslog-sign as both syslog-syslog and syslog- > reliable have been reviewed and submitted to the IESG. > > Chris Calabrese is correct that the IETF Working Group will > not work on changes to the format. That work is outside the > scope of our charter. We've been trying to leave the format > extensible in both the syslog-sign and syslog-reliable works > because we know that a lot of people would _really_ like to > change the "old" format. I'd like to see a new format > defined as well and I think Chris' work is a good start. > > Thanks, > Chris > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: loganalysis-unsubscribeat_private > For additional commands, e-mail: loganalysis-helpat_private > > --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Aug 20 2001 - 13:02:48 PDT