On 07/15/2013 11:28 PM, Eric Smith wrote:
Microsoft uses binary logs also, and they are really awful. Maybe your binary journal is far better than MS' logs,
IIRC, the main issue with the Windows system event files is that in order to interpret the binary data, you need DLLs provided by the application which wrote the logs. The journal provides a simple key/value map for each log entry, so it's easy for application developers to provide data in a more structured manner, while still maintaining the self-describing nature of log file entries (or perhaps increasing it because you now can add column labels because you don't feel compelled to avoid long log lines).
-- Florian Weimer / Red Hat Product Security Team -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
