RE: [logs] Syslog payload format

From: Paul Robertson (probertsat_private)
Date: Fri Jan 03 2003 - 09:14:07 PST


    On Fri, 3 Jan 2003, Rainer Gerhards wrote:
    
    > I strongly believe we should - at least in the beginning - provide a
    > syslog(3) replacement that just does as I have written above. So a
    > simple re-link is necessary. Maybe we can even get this into glibc over
    > time... With a minimalistic replacement, there should not be much memory
    > or other footprint added to the existing apps. And the replacement
    > could also check an environment variable (or /etc file or whatever) to
    > dynamically determine if it should apply the wrapper formatting or true
    > old-style format.
    
    From a forensics standpoint, dynamic variable formatting is a bad idea.  
    You really want strictly defined behaviour.  It's better to hook old style 
    logging into a new thing, and identify it than to choose which mechanism 
    on the fly.
    
    Paul
    -----------------------------------------------------------------------------
    Paul D. Robertson      "My statements in this message are personal opinions
    probertsat_private      which may have no basis whatsoever in fact."
    
    



    This archive was generated by hypermail 2b30 : Fri Jan 03 2003 - 18:57:42 PST