Hi All, I just wanted to bring into the discussion what is perhaps a new consideration for syslog message size and internationalization.
The Integrating the Healthcare Enterprise (IHE) initiative has specified the use of syslog as the mechanism for logging audit record messages. The specification allows up to 32Kb messages, the content of the MSG field is XML with a specified XML schema and it uses UTF-8 encodings. The MSG content is intended to be easily machine readable, but not necessarily human readable. The major use case is to be able to determine which system users accessed which patient data, when they did it and what type of access they did. This specification is given in the IHE Technical Framework, Basic Security Profile, Record Audit Event transaction. IHE Home: http://www.rsna.org/ihe IHE Vol I, Integration Profiles: http://www.rsna.org/IHE/tf/ihe_tf_rev5.5_vol1_TI.pdf IHE Vol III, Transactions II (covers Auditing): http://www.rsna.org/IHE/tf/ihe_tf_rev5.5_vol3_TI.pdf There are 3 features needed in syslog to support IHE's Basic Security Profile. 1. Up to 32K message size 2. UTF-8 character encoding 3. XML tags in the MSG It also makes sense that the TCP transport would be more reliable than UDP, even if not completely reliable. Only UDP transport is currently specified in IHE, but there are vague references to allowing for reliable syslog and BEEP in future versions of the specification. Comments? Regards, Doug ----------------- Douglas Dunlop AGFA HealthCare
