On Fri, 1 Feb 2002, Shane Kerr wrote: > An interesting exercise, but really you've tackled the program in the > wrong way. The first thing to do is figure out whether there is a > problem that needs solving, then figure out what exactly that problem > is, then decide what the requirements are for any solution. I'm using a logging system very similar to Greg's. The problems I was addressing were actually not performance related at all, but feature related. Generally, I didn't like: - the lack of acknowledged UDP transfers - the lack of strong authentication for clients - the lack of tamper resistance as the data crosses the network My system submits line oriented logs to a central logserver over a long-running ssh tunnel. If the tunnel is down (or packets are not being ACK'd) it dumps to local storage. The idea is that once messages hit /dev/log, they shouldn't be lost. > So I guess the question is: Is there a need for an improved logging > framework? I thought so. :) > p.s. If the need is there, I'll be glad to help. But even though I said > design shouldn't start yet, can I recommend using anything other > than C or C++? :) My system is primarily written in awk, since it does real-time log analysis using regexps. I feed data to multilog to actually write it to disk. -Jeff --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Feb 01 2002 - 18:44:05 PST