[logs] How to define Log, Event, and Alert?
Jon Stearley
jrstear at sandia.gov
Wed Jul 23 14:43:27 PDT 2008
>
> Log (n):
> The record comprising one or more log entries accumulated over
> a given period. This may be electronic (e.g. stored in memory, disk,
> software, database, text file, etc), physical (e.g. on paper), or even
> verbal (e.g., "Between 10:00 and 10:01 we received a series of several
yes verbal if and only if it is a reviewable record, eg recorded.
> What do you think?
key aspects of a log are that it describe 1) what happened and 2) when.
i think "log entry" is clearer than "message" from rfc3164.
so a log is one or more log entries, log entries may indicate events,
and events may warrant alerts. seems good to me.
-jon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.loganalysis.org/pipermail/loganalysis/attachments/20080723/fe2445f6/attachment.html
More information about the LogAnalysis
mailing list