[sip-clf] Implementation - Code and Results
Peter Musgrave <peter.musgrave@magorcorp.com> Tue, 26 October 2010 11:00 UTC
Return-Path: <peter.musgrave@magorcorp.com>
X-Original-To: sip-clf@core3.amsl.com
Delivered-To: sip-clf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4EF133A6930 for <sip-clf@core3.amsl.com>; Tue, 26 Oct 2010 04:00:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.856
X-Spam-Level:
X-Spam-Status: No, score=-101.856 tagged_above=-999 required=5 tests=[AWL=0.120, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 90cAc1L8UTXK for <sip-clf@core3.amsl.com>; Tue, 26 Oct 2010 04:00:54 -0700 (PDT)
Received: from mail-qy0-f172.google.com (mail-qy0-f172.google.com [209.85.216.172]) by core3.amsl.com (Postfix) with ESMTP id 65C4A3A6931 for <sip-clf@ietf.org>; Tue, 26 Oct 2010 04:00:54 -0700 (PDT)
Received: by qyk1 with SMTP id 1so2448208qyk.10 for <sip-clf@ietf.org>; Tue, 26 Oct 2010 04:02:41 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.229.80.77 with SMTP id s13mr6012534qck.186.1288090961075; Tue, 26 Oct 2010 04:02:41 -0700 (PDT)
Received: by 10.229.225.207 with HTTP; Tue, 26 Oct 2010 04:02:41 -0700 (PDT)
Date: Tue, 26 Oct 2010 07:02:41 -0400
Message-ID: <AANLkTimO0vUhjRJBU9iSkLXkQ3xT36up635y+4__QoO1@mail.gmail.com>
From: Peter Musgrave <peter.musgrave@magorcorp.com>
To: List SIP-CLF Mailing <sip-clf@ietf.org>
Content-Type: multipart/alternative; boundary="0016e646a53a2c5e390493830c8d"
Subject: [sip-clf] Implementation - Code and Results
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Oct 2010 11:00:55 -0000
HI all, http://trac.tools.ietf.org/wg/sipclf/trac/wiki/WikiStart contains some sample output files and the core Java code I used to generate each log format. My general feelings: - indexed ASCII files are bigger (by about 1.5 x) but that's not a very big factor when bytes on disk are so cheap (people coding on small devices may feel differently) - coding indexed ASCII logging is easier and the code is smaller - IPFIX implementation required me to dig through some other docs (so for this to be accepted by implementors then I think sample code would be mandatory) - examining IPFIX files when debugging the logger was tedious (Hadriel's wireshark plugin was very helpful here - he found several bugs in my IPFIX logger) [but I think we all knew that a binary format would be like that] - creating a python script to read indexed ASCII was very simple I think the exercise was useful in that it did help sharpen each of the implementation drafts. I'll leave it to the chair to figure out how to move this forward. Oh, wait, that's me.... Peter Musgrave (as individual)
- [sip-clf] Implementation - Code and Results Peter Musgrave
- Re: [sip-clf] Implementation - Code and Results Vijay K. Gurbani
- Re: [sip-clf] Implementation - Code and Results Saverio Niccolini
- Re: [sip-clf] Implementation - Code and Results Vijay K. Gurbani