[logs] ugliest application logs ever?

[Tina Bird]

> I wanted to turn this into a formal contest but figured I'd poll the
> list first: what are the ugliest, most useless application logs that
> you've seen? Logs that defy log analysis, that are full of numeric
> codes not explained anywhere? Logs that don't say what they mean (and
> vice versa)? Logs that omit the most critical piece of info?
> 
> Here is my example:
> 
> |22:22:32|BTC| 7|000|DDIC        |    |R49|Communication error, CPIC
> return code 020, <application> return code 456
> 
> Why it sux: numeric codes (twice), ambiguous language, no sense of
> priority, etc.

It's awfully hard to beat "Last message repeated N times" for lack of useful
content :-)

But since I've been digging through Cisco PIX/ASA logs, here are a couple of
my favorites for the "omits critical data":

%PIX|ASA-3-713185 Error: Username too long - connection aborted
 
 -- no username or other session identifier included

%PIX|ASA-3-717001 Querying keypair failed.

 -- no keypair identifiers, or clue about why the failure occurred

%PIX|ASA-5-501101 User transitioning priv level

 -- no userID, old/new priv levels, command affected
 -- As per the documentation, this message records an administrator changing
the privilege level required to execute a command, but the message does not
actually state anything like that, making it pretty useless. 

For the sake of the poor Cisco doc folks I've been overwhelming with
questions, comments and rants, I'll stop here. I've got some pretty arcane
messages in some of my tutorials; if I have time I'll dig them up.

Next?

cheers -- tbird