I agree, there are an awful lot of systems and SIEM products that process querylogs. This one change will require a huge amount of re-engineering work in customer environments.
Paul -----Original Message----- From: bind-users [mailto:[email protected]] On Behalf Of Steven Carr Sent: 25 January 2017 12:44 To: bind-users <[email protected]> Subject: Re: Bind Queries log file format On 25 January 2017 at 10:59, Tony Finch <[email protected]> wrote: > It's the address in memory of the data structure representing the client. > It is mentioned in the CHANGES file (#4471) and in the release notes - > see > https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=c > 4b7db49326be650fa95a7ede6e066bbe1268561 > > though the pointer field first turned up in > https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=a > 26a62cef2adba0520c5955d740fc75fa7f2c7f5 Question back to the BIND team... why? what is the purpose of having this value exposed in query logs? what exactly is it adding? If it was a debug log then I can understand the need to have the memory address exposed, but for the "regular" user what is the use case? _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
