Improving Syslog

[Martin Schütte]

Robert Watson schrieb:
> managed if done carefully.  I'm not sure if you've looked at Apple's 
> extended syslog, which among other things, includes a binary log file 
> format making it more mechanically searched and managed, do take a look 
> if you haven't.

I read the asl man pages 
(http://developer.apple.com/DOCUMENTATION/Darwin/Reference/ManPages/man3/asl.3.html) 
because I am looking for an API to support the new fields in 
syslog-protocol.
I liked the approach of adding different attributes to a message object, 
I think that would work well for structured data parametern.
But the asl functions would have to be extended for syslog-protocol 
because they do not use namespaces for the key=value pairs.

The log storage and filter mechanisms are interesting, but IMHO out of 
scope for a basic syslogd.
If desired one could probably write a small tool to use an indexed BDB 
for storage and attach it with a pipe to syslogd.

-- 
Martin