There is a lot of activity nowdays around 'structured' logging, with a lot of the effort going into having systems generate logs in the JSON format (see the stuff from systemd, project lumberjack, etc). Some of this is going to be showing up in the next release of Fedora where the kernel logs are going to be 'structured'
to a large extent, these logs can be handled just like all other logs in SEC, but I was wondering if there has been any thought into possible ways to take advantage of this structure? The answer may be to do all this with perl snippets, but this could be standard enought o make it worthwhile implementing more direct support. I'm thinking that it would be nice if there was a way to detect a structured log and have it parsed once into a (probably hash based) data structure, and then have the ability for all the normal SEC variable use be able to refer to the elements of that structure. thoughts? David Lang ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ Simple-evcorr-users mailing list Simple-evcorr-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
