Results 1 to 5 of 5

Thread: Log format

  1. #1

    Log format

    I'm creating a tool that writes findings to logs, I was wondering if there is a standard log format for security software, or any tips about log design in general. The tool that will be creating the logs won't actually be using them itself, it will be creating them for other scripts or tools to use.

    I need something that can be parsed easily by many different languages, right now I'm thinking of putting the logs into comma separated value format so it's easy to read a line and explode the line, which most languages seem to have simple functions for. XML was brought up in a conversation, but I don't know how well that can be used with multiple languages.

    My tool -creates-> Logs -read by-> Unknown Scripts not written by myself.

    So I need to make the logs in a friendly & common format. Any suggestions?


  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Plain text columnized or CSV are both good IMO.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    AO Senior Cow-beller
    zencoder's Avatar
    Join Date
    Dec 2004
    Mountain standard tribe.
    CSV is my choice. Platform independant and easily recognized. XML might do the trick, but you mention a concern and honestly, I doubt it would be helpful, unless you are writing logs on dynamically changing data...such as adding previously undefined fields/values as the application runs. And even then, you'd better consult someone who knows more XML than I to make sure.

    yeah, I'd suggest CSV.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  4. #4
    Senior Member MadBeaver's Avatar
    Join Date
    Jul 2003
    Bath, Maine
    The lowest common denominator, ASCII text.
    CSV is the way to go. I had a project where I had to bring data together from multipul system and programs into one database. In the end the only way I could do it was to have all the system export to a ASCII text CSV File.
    Mad Beaver

  5. #5
    oldie ric-o's Avatar
    Join Date
    Nov 2002
    Hey Soda: Like everyone else said - CSV is best. That way you can bring it up in M$ Excel or in a text editor such as UltraEdit if you want. I use CSV output for all of my Perl scripts I write and use for security and system administrator tasks.

    One note about CSV fields: make sure you use quotes when saving items that have commas in them. That way it doesn't split your field up accidently.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts