[Serusers] Common Log File
Jiri Kuthan
jiri at iptel.org
Thu Mar 26 15:29:51 CET 2009
I'm wondering what folks think about this the Common Log File (CLF)
activity in the IETF?
http://www.ietf.org/internet-drafts/draft-gurbani-sipping-clf-01.txt
http://tools.ietf.org/html/draft-roach-sipping-clf-syntax-00
Comments to me or directly to the authors welcome.
-jiri
Abstract
Well-known web servers such as Apache and web proxies like Squid support
event logging using a common log format. The logs produced using these
de-facto standard formats are invaluable to system administrators for
trouble-shooting a server and tool writers to craft tools that mine the
log files and produce reports and trends. Furthermore, these log files
can also be used to train anomaly detection systems and feed events into
a security event management system. The Session Initiation Protocol does
not have a common log format, and as a result, each server supports a
distinct log format that makes it unnecessarily complex to produce tools
to do trend analysis and security detection. We propose a common log
file format for SIP servers that can be used uniformly for proxies,
registrars, redirect servers as well as back-to-back user agents.
More information about the sr-users
mailing list