Re: [logs] SDSC Secure Syslog

From: Darren Reed (avalonat_private)
Date: Fri Dec 13 2002 - 01:22:48 PST


    In some mail from Rainer Gerhards, sie said:
    > 
    > > but how do you impose a limit on the message size? limit it 
    > > to 1024 chars?
    > > 
    > 
    > ...
    > 
    > > messages are limited in size, this limit is tunable at runtime.
    > > (log_msg_size() global option) you can have 8192 bytes length 
    > > messages if you like that.
    > > 
    > > the 1024 bytes limit was something again that needed to be eliminated.
    > 
    > While dealing with (phony) Windows event log records.... Even 8 K is not
    > enough from our point of view. Specifically if you think about Asian
    > languages. If you look at e.g. Japanese (Windows) event messages, they are
    > more or less double the size for many events. Same if ever Unicode
    > (especially UTF-4) is to be transmitted. Sure not there yet, but wouldn't
    > it be good to think about it.
    > 
    > I opt for the sender not to be limited in size or at least be able to
    > negotiate with the server on a max size. Believe it or not, we have
    > customers who ask for the full binary data from NT event logs to be
    > transmitted - that can make up to 128 KB... :( Obviously, there is a
    > need for such...
    
    You're mixing two different mechanisms here.  The "event manager" logs
    are used in a different way than is syslog but I suppose the question is,
    should syslog support that type of use anyway?  And if so, how?  The
    mechanism currently used is not sufficient, I think.
    
    Darren
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    



    This archive was generated by hypermail 2b30 : Fri Dec 13 2002 - 10:25:09 PST