Re: [sip-clf] Defining Pros and Cons of ASCII/IPFIX
"Vijay K. Gurbani" <vkg@bell-labs.com> Wed, 27 October 2010 17:46 UTC
Return-Path: <vkg@bell-labs.com>
X-Original-To: sip-clf@core3.amsl.com
Delivered-To: sip-clf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CE5B93A6A2D for <sip-clf@core3.amsl.com>; Wed, 27 Oct 2010 10:46:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.517
X-Spam-Level:
X-Spam-Status: No, score=-102.517 tagged_above=-999 required=5 tests=[AWL=0.082, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9cR5yZOVVxfi for <sip-clf@core3.amsl.com>; Wed, 27 Oct 2010 10:46:12 -0700 (PDT)
Received: from ihemail3.lucent.com (ihemail3.lucent.com [135.245.0.37]) by core3.amsl.com (Postfix) with ESMTP id CD9DD3A69C8 for <sip-clf@ietf.org>; Wed, 27 Oct 2010 10:46:11 -0700 (PDT)
Received: from umail.lucent.com (h135-3-40-63.lucent.com [135.3.40.63]) by ihemail3.lucent.com (8.13.8/IER-o) with ESMTP id o9RHm1BV004010 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <sip-clf@ietf.org>; Wed, 27 Oct 2010 12:48:01 -0500 (CDT)
Received: from shoonya.ih.lucent.com (Knoppix-135185238233.ih.lucent.com [135.185.238.233]) by umail.lucent.com (8.13.8/TPES) with ESMTP id o9RHm1v1015082 for <sip-clf@ietf.org>; Wed, 27 Oct 2010 12:48:01 -0500 (CDT)
Message-ID: <4CC86642.8060305@bell-labs.com>
Date: Wed, 27 Oct 2010 12:49:54 -0500
From: "Vijay K. Gurbani" <vkg@bell-labs.com>
Organization: Bell Laboratories, Alcatel-Lucent
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.12) Gecko/20100907 Fedora/3.0.7-1.fc12 Thunderbird/3.0.7
MIME-Version: 1.0
To: sip-clf@ietf.org
References: <AANLkTin3+_+-ARa29=o4V8-Pp-TS0Xc5S04CYhy0sT=r@mail.gmail.com>
In-Reply-To: <AANLkTin3+_+-ARa29=o4V8-Pp-TS0Xc5S04CYhy0sT=r@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.37
Subject: Re: [sip-clf] Defining Pros and Cons of ASCII/IPFIX
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Oct 2010 17:46:15 -0000
On 10/27/2010 10:23 AM, Peter Musgrave wrote: > Hi all, > > As co-chair I am looking for a way to make a determination about how > to meet the groups decision to move forward with just one format in a > WG which has good support for two formats. Peter: I know I am beating a dead horse, but I do want to point out that it seems incongruous to come up with one format in a WG that has good support for two. Anyway, please see inline. > In my (personal) opinion I think the objective is to develop > something that will be widely implemented. I would like to solicit > input from a larger audience - but first I think we need to frame the > pros and cons. > > I would like to suggest the following: > > 1) Use the list and the Beijing meeting to come to a consensus on the > pros and cons of each and the applications which may favour one > format vs another. > > 2) Place these pros/cons on the WG Wiki [I can act as editor] OK to above. > 3) Solicit input from SIP Implementors - referring them to the WG > WIki - use the Columbia sip-implementors, sipforum list and SIPT27 We need to solicit input from the larger log analysis community besides groups related only to the IETF. There is a Linked In group called "Log Analysis Professionals" group; we could consider posting a survey there. Plus, Usenix holds system log- related workshops every year (see http://systemloganalysis.com/). I am sure that we can get some names of researchers (commercial as well as academics) that work with system logs on a daily basis and approach them for viewpoints (I would be willing to do this if we decide to follow through with 3 above.) > 4) Review the feedback and try to come to a conclusion on the list > (or failing that, in Prague at IETF80) > > I will be at SIPIT27 - so I can raise awareness of this discussion in > that community. > > How do people feel about this approach? > > I welcome any other/additional ways to resolve this issue. My $0.02 --- have both. At the risk of raising RjS's ire, the hum we took in the Anaheim meeting [1] indicated support for both (at least it does to my sensibilities.) For reasons I don't quite understand, we went against that hum in Maastricht [2]. Both representations have good reasons to move forward as they do backers and people who are willing to work on them. I understand the need to avoid the H.248/Megaco debate, but we should not be blind to the fact that SIP CLF maybe a different nail that should not be hit by the same hammer. Having constant arguments on which is better and why we should only pick one when two seem a better option are simply counter-productive. [1] http://www.ietf.org/proceedings/77/minutes/sipclf.htm [2] http://www.ietf.org/proceedings/78/minutes/sipclf.txt - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60566 (USA) Email: vkg@{alcatel-lucent.com,bell-labs.com,acm.org} Web: http://ect.bell-labs.com/who/vkg/
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Vijay K. Gurbani
- [sip-clf] Defining Pros and Cons of ASCII/IPFIX Peter Musgrave
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Hadriel Kaplan
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Saverio Niccolini
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Peter Musgrave
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Cullen Jennings
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Peter Musgrave
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Hadriel Kaplan
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Hadriel Kaplan
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Hadriel Kaplan
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Dan Burnett
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Cullen Jennings
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Hadriel Kaplan
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Eric Burger
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Hadriel Kaplan
- Re: [sip-clf] Defining Pros and Cons of ASCII/IPF… Cullen Jennings
- [sip-clf] is doing ascii doing both? (was: Defini… Hadriel Kaplan