[Lognorm] liblognorm default field names
Champ Clark III [Softwink]
champ at softwink.com
Wed Jan 19 15:37:37 CET 2011
On Fri, Jan 14, 2011 at 04:33:51PM +0100, Florian Riedl wrote:
> Dear liblognorm fans,
>
> we are currently trying to compile some sort of list for field names that
> should be a standard in liblognorm.
>
> We already thought about a few. Like the following:
> Src-ip = Source IP -> IPv4
> Dst-ip = Destination IP -> IPv4
>
> http://www.liblognorm.com/field-names/
Aside from the new fields (quoted-string, etc), we might want
to consider a src-host/dst-host (or something of the likes). In some
cases, I'll see sshd (for example) with UseDNS enabled. In those
cases rather than a src-ip, i'd grab a src-host.
--
Champ Clark III | Softwink, Inc | 800-538-9357 x 101
http://www.softwink.com
GPG Key ID: 58A2A58F
Key fingerprint = 7734 2A1C 007D 581E BDF7 6AD5 0F1F 655F 58A2 A58F
If it wasn't for C, we'd be using BASI, PASAL and OBOL.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.adiscon.net/pipermail/lognorm/attachments/20110119/2fbc5a45/attachment.pgp>
More information about the Lognorm
mailing list