If I were to depart from the unstructured text syslog format, I'd shift to CSV; with a reasonable choice of quoting rules it can robustly round-trip a lot of tabular data, and very fast writers and parsers are available. I, personally, wouldn't find a more complex structure that easily represents heirarchical structure within a record an improvement.
On Thu, Oct 4, 2018, 06:06 Philip Paeps <phi...@trouble.is> wrote: > On 2018-10-01 09:32:58 (+0200), Patrick Ben Koetter wrote: > > > * Илья Шипицин <chipits...@gmail.com>: > >>> Here is an idea: combine log analysis with a web API. End of > >>> problem. > >> > >> that was what I was going to implement. > >> however, I do not like to implement thing that are implemented > >> already. > >> so, I did a google search and I asked mailing list. > >> > >> seems, I need to implement rest api myself. > >> > >> > >> one more question. > >> I like text logs. they are fast, and available 100% (comparing, for > >> example > >> to some network logging). > >> > >> is there a way (I did a seach already) to make logs structured ? > >> something > >> like apache access log (field with separator), json, xml, csv ? > >> whatever to be machine readable (to make rest api actually read it) > > > > There isn't and it is one of the (very few) shortcomings of Postfix. > > AFAIK > > logging – as it is today – was hard wired into the code, which > > means if you > > would like to add a new way to output it, i.e. alternate format, > > structure, > > you would have to work your way through all the code. > > If you want to go this route, I would recommend looking at libxo[0]. It > will still be a lot of work. > > I'm not sure if anyone has ever tried to use libxo for logging though. > > Philip > > [0] libxo: http://juniper.github.io/libxo/libxo-manual.html > > -- > Philip Paeps > Senior Reality Engineer > Ministry of Information >
