Re: [logs] Converting log messages to XML format.

From: Alexandre Dulaunoy (alexat_private)
Date: Fri Nov 09 2001 - 22:23:37 PST

Next message: Matt Zimmerman: "Re: [logs] Converting log messages to XML format."

Previous message: Tina Bird: "RE: [logs] Syslog client alternatives for NT"
In reply to: Cedar Hannan: "[logs] Converting log messages to XML format."
Next in thread: Matt Zimmerman: "Re: [logs] Converting log messages to XML format."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yes, we are developping a software for doing MSS (Managed Security
Services). The project is called IPFC. (We plan to make a release 1.0 for
the 15 decembre). We encapsulate syslog, checkpoint, .... into a standard
and simple XML format.

http://www.foo.be/ipfc/
http://www.sourceforge.net/projects/ipfc/

The XML library we use in Perl excape all the character that can't be put
directly in XML.

Here it is a XML files with syslog data :

<?xml version='1' standalone='yes'?>
<ipfc>
  <smod>
    <ip>128.253.154.221</ip>
    <sensorid>1</sensorid>
    <date>2001-11-9 21:30:05</date>
    <name>tournesol</name>
  </smod>
  <generationid>2001-11-9 20:55:52</generationid>
  <data>
    <entry>
      <category>syslog-line</category>
      <content>
        <syslog-line>Nov  9 21:30:00 tournesol kernel: Uniform CD-ROM
driver unloaded</syslog-line>
        <syslog-line>Nov  9 21:30:02 tournesol kernel: hdc: ATAPI 24X
CD-ROM drive, 128kB Cache, UDMA(33)</syslog-line>
        <syslog-line>Nov  9 21:30:02 tournesol kernel: Uniform CD-ROM
driver Revision: 3.12</syslog-line>
      </content>
      <version>1</version>
      <type>events</type>
    </entry>
  </data>
  <drserver>
    <ip>195.207.52.190</ip>
    <uri>ipfc/tournesol/events/</uri>
  </drserver>
  <sequenceid>37</sequenceid>
  <version>1</version>
  <type>events</type>
  <transacid>2001110921300500981</transacid>
</ipfc>

Hope this helps.

Alex

-- 
---
Alexandre Dulaunoy			adulauat_private
http://www.foo.be/		        http://www.conostix.com/

On Fri, 9 Nov 2001, Cedar Hannan wrote:

> I'm wondering if anyone out there has any experience with converting log
> messages to XML format.  I've been attempting to do this and have had
> moderate success.  The template feature in Syslog-ng makes this pretty
> easy in that you can write your tags into a template eg:
> <host>$HOST</host> <message>$MESSAGE</message> etc.
>
> The only problem I have run into is that sometimes the text of a message
> will contain characters that mess up the XML "code".  This happens when
> the message text contains "<some_string>".  It then gets interpreted as
> a tag and breaks things.  The only thing I can think of to do is write a
> Perl script that "scrubs" the file to pull out any extraneous "<".  I
> was hoping to avoid this.  I am very, very new to XML so please excuse
> me if I'm confusing things.  Any ideas?
>
> -Cedar
>
>
> Cedar Hannan
> RagingNet, Inc
> mailto:channanat_private
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: loganalysis-unsubscribeat_private
> For additional commands, e-mail: loganalysis-helpat_private
>



---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Matt Zimmerman: "Re: [logs] Converting log messages to XML format."
Previous message: Tina Bird: "RE: [logs] Syslog client alternatives for NT"
In reply to: Cedar Hannan: "[logs] Converting log messages to XML format."
Next in thread: Matt Zimmerman: "Re: [logs] Converting log messages to XML format."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Nov 10 2001 - 14:00:06 PST