RE: [logs] SDSC Secure Syslog

From: Rainer Gerhards (rgerhardsat_private)
Date: Fri Dec 13 2002 - 06:58:31 PST


    > They often have application or device specific information as 
    > data about the event being logged, not just the message.  Is 
    
    Hey Darren, have you ever had a look at PIX messages? Here is an actual
    one:
    
    %PIX-6-302006: Teardown UDP connection for faddr 194.95.77.107/24576
    gaddr 217.6.190.187/53 laddr 172.19.0.3/53
    
    Do I correctly have the impression that text and data are mixed in that
    PIX syslog message? ;)
    
    > syslog the right thing to be using for that sort of data ?  
    > If so, does it mean syslog messages become binary format or 
    > text with a large hex dump or maybe just a number that 
    > indexes into a different binary data file ?
    
    No, they look much like the PIX sample above...
    
    > 
    > AFAIK, there's currently no way to readily achieve the same 
    > result that you can with event viewer for sending lots of 
    > data along with a log event.
    
    I am sorry, I simply do not fully understand what you mean. Please bear
    with the non-native English speaker... Do you mean the message size for
    the (optional) dump part? Then I agree (we have created workarounds
    inside our products, but nothing open-standard).
    
    Rainer
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
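
An added example, not part of the message above or of any product mentioned in it: a Python sketch that separates the data fields from the free text in the quoted PIX line, treating the line as untrusted input. The function name `parse_pix` and the field names in the returned dict are assumptions made for this illustration, as is the header layout `%DEVICE-severity-id:` generalized from the one sample.

```python
import re
from ipaddress import IPv4Address

# The PIX line quoted in the message above, with the mail line wrap joined.
SAMPLE = ("%PIX-6-302006: Teardown UDP connection for faddr 194.95.77.107/24576 "
          "gaddr 217.6.190.187/53 laddr 172.19.0.3/53")

# Header: "%<device>-<severity digit>-<message id>: <text>"
HEADER = re.compile(r"^%(?P<device>[A-Z]+)-(?P<severity>[0-7])-(?P<msg_id>\d+):\s*(?P<text>.*)$")
# Data embedded in the text: "<f|g|l>addr <ipv4>/<port>"
ENDPOINT = re.compile(
    r"\b(?P<role>[fgl]addr)\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3})/(?P<port>\d{1,5})\b")


def parse_pix(line):
    """Split a PIX-style syslog line into header fields, endpoints and free text.

    Returns None when the line does not match or carries an invalid address
    or port, so a malformed or forged line is rejected instead of stored.
    """
    line = " ".join(line.split())          # undo wrapping and extra spaces
    header = HEADER.match(line)
    if header is None:
        return None
    record = {
        "device": header["device"],
        "severity": int(header["severity"]),
        "msg_id": header["msg_id"],
        "endpoints": {},
    }
    text = header["text"]
    for ep in ENDPOINT.finditer(text):
        port = int(ep["port"])
        try:
            ip = IPv4Address(ep["ip"])     # rejects octets above 255
        except ValueError:
            return None
        if port > 65535:
            return None
        record["endpoints"][ep["role"]] = (str(ip), port)
    # Whatever is left once the data fields are removed is the human text.
    record["text"] = " ".join(ENDPOINT.sub("", text).split())
    return record


if __name__ == "__main__":
    print(parse_pix(SAMPLE))
```
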
    



    This archive was generated by hypermail 2b30 : Fri Dec 13 2002 - 10:34:40 PST