Re: [logs] Syslog payload format

From: marc (marcat_private)
Date: Thu Dec 19 2002 - 05:28:37 PST

    > Right now, I can do:
    > 
    > syslog(LOG_DAEMON|LOG_DEBUG, "debug: marcus login from %s", where);
    > 
    > How many lines of code is your library going to take and what
    > benefit do they give me in this situation?
    
    I think we had this discussion before, and I suggested a
    variadic interface. Like this:
    
      idsa_set(c,"debug","syslog",0,IDSA_R_NONE,IDSA_R_NONE,IDSA_R_NONE,
      "event",IDSA_T_STRING,"marcus login","from",IDSA_T_HOST,where,NULL);
    
    which is about as compact as it gets without losing structure information.
    
    This implementation actually *exists* - for Debian users, try
    an "apt-get install idsa", add the following lines to the
    code (equivalent to a mandatory openlog)
    
      #include <idsa.h>
      IDSA_CONNECTION *c;
      /* in main */
      c=idsa_open(argv[0],NULL,0);
    
    compile with -lidsa, and it will work today. You'll get a log
    entry like this:
    
    pid="395" uid="501" gid="501" time="1040302101" service="foobar"
    host="knoll" name="debug" scheme="syslog" honour="0"
    arisk="0.000/0.989" crisk="0.000/0.989" irisk="0.000/0.989"
    event="marcus login" from="baz"
    
    I'd be interested in knowing if there is a way which makes fewer
    demands of an application programmer.
    
    regards
    
    marc
    
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
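
Added example (not part of the original message and not idsa code): a variadic name/value formatter shaped like the call in the message, showing how per-field quoting keeps a value such as `where` inside its own field of the key="value" record. The names `kv_format` and `put_field` and the escaping rules are hypothetical, chosen for this illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Append name="value" to out. The escaping rules (\" \\ and \xNN for control
 * bytes) are an assumption of this example, not idsa's documented format. */
static int put_field(char *out, size_t cap, size_t *len, const char *name, const char *value)
{
    int n = snprintf(out + *len, cap - *len, "%s%s=\"", *len ? " " : "", name);
    if (n < 0 || (size_t)n >= cap - *len) return -1;
    *len += (size_t)n;
    for (const unsigned char *p = (const unsigned char *)value; *p; p++) {
        char esc[12];
        if (*p == '"' || *p == '\\') snprintf(esc, sizeof esc, "\\%c", *p);
        else if (*p < 0x20 || *p == 0x7f) snprintf(esc, sizeof esc, "\\x%02x", (unsigned)*p);
        else { esc[0] = (char)*p; esc[1] = '\0'; }
        size_t e = strlen(esc);
        if (*len + e + 2 > cap) return -1;  /* keep room for closing quote + NUL */
        memcpy(out + *len, esc, e); *len += e;
    }
    if (*len + 2 > cap) return -1;          /* empty value: still need quote + NUL */
    out[(*len)++] = '"'; out[*len] = '\0';
    return 0;
}

/* Hypothetical front end (name, value, ..., NULL); on overflow returns -1 with out emptied. */
int kv_format(char *out, size_t cap, ...)
{
    va_list ap;
    size_t len = 0;
    int rc = 0;
    const char *name;
    if (cap == 0) return -1;
    out[0] = '\0';
    va_start(ap, cap);
    while (rc == 0 && (name = va_arg(ap, char *)) != NULL) {
        const char *value = va_arg(ap, char *);
        rc = put_field(out, cap, &len, name, value ? value : "");
    }
    va_end(ap);
    if (rc != 0) out[0] = '\0';             /* never hand back a truncated record */
    return rc;
}

int main(void) {
    char rec[128];  /* event/from values taken from the log entry in the message */
    if (kv_format(rec, sizeof rec, "event", "marcus login", "from", "baz", (char *)NULL) == 0)
        puts(rec);
    return 0;
}
```

With a free-form `syslog()` format string the same value would land in the message text unescaped, so a consumer splitting on `name="value"` could not tell where the field ends.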
    



    This archive was generated by hypermail 2b30 : Thu Dec 19 2002 - 19:29:10 PST