10 Nov 2010 20:26
Re: Small draft for Syslog File Storage?
Heinbockel, Bill <heinbockel <at> mitre.org>
2010-11-10 19:26:13 GMT
Sounds like a good idea to me.

The biggest step that you need to make from the on-the-wire RFC5424 Syslog is the specification of a Syslog record separator. In most Syslog log files (as well as CSV and other multi-record file formats), the typical record separator is LF or CRLF. Regardless, in order to define the record separator, you will have to add at least one more encoding or Syslog syntax requirement on top of the existing RFC5424 specification, as currently all characters are valid in a Syslog message portion.

The specification would be fairly straightforward, as you could just standardize on the approaches taken by rsyslog and Syslog-ng. Also, RFC5424 provides enough flexibility in character escaping to build on further escaping for control characters (U+0000 through U+001F) to make this a possibility.

In addition, I would like to suggest the addition of an optional file header for Syslog files. This would allow for easy versioning of the file, allow a place for products to include additional information, and be able to hold information such as the vendor, name, and version of the application producing the log. This would be an especially nice feature when digging through and parsing old Syslog records.

Regardless of the outcome of this discussion, I would like to see a couple more optional encodings added to the RFC5424 specification to handle U+0000 through U+001F characters, maybe: \n, \r, \t, and some generic hex encoding for the others: \x00 \x01 ... \x1F

> -----Original Message-----
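The escaping suggested in the message above (\n, \r, \t, plus \xNN for the remaining U+0000 through U+001F characters) with LF as the record separator, written out as an added example that is not part of the original post and is not rsyslog or syslog-ng code. Escaping the backslash itself as \\ is an assumption made here so that the encoding can be reversed; the function names and sample records are constructed.

```python
import re

# Short escapes named in the post; other control characters become \xNN.
SHORT = {"\n": "\\n", "\r": "\\r", "\t": "\\t"}
UNSHORT = {"n": "\n", "r": "\r", "t": "\t", "\\": "\\"}
TOKEN = re.compile(r"\\(x[0-9A-Fa-f]{2}|[nrt\\])")

# Constructed sample messages: the second carries an embedded LF followed by
# text shaped like a record of its own, the third a literal backslash and a BEL.
SAMPLE = [
    '<34>1 2010-11-10T19:26:13Z host.example.com app 1234 ID47 - login failed for "bob"',
    '<34>1 2010-11-10T19:26:14Z host.example.com app 1234 ID47 - user=alice\n'
    '<34>1 2010-11-10T19:26:15Z host.example.com app 1234 ID47 - login ok for root',
    '<13>1 2010-11-10T19:26:16Z host.example.com app - - - path=C:\\new\\x01 bell=\x07',
]


def escape_record(msg):
    """Escape U+0000..U+001F so a stored record never contains a raw LF."""
    out = []
    for ch in msg:
        if ch == "\\":
            out.append("\\\\")  # assumption: required for a reversible encoding
        elif ch in SHORT:
            out.append(SHORT[ch])
        elif ord(ch) < 0x20:
            out.append("\\x%02X" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def unescape_record(line):
    """Reverse escape_record; unknown backslash sequences are left untouched."""
    def repl(match):
        tok = match.group(1)
        return chr(int(tok[1:], 16)) if tok[0] == "x" else UNSHORT[tok]
    return TOKEN.sub(repl, line)


def write_log(messages):
    """Serialize messages to file content, one escaped record per LF-terminated line."""
    return "".join(escape_record(m) + "\n" for m in messages)


def read_log(text):
    """Split file content on the LF record separator and decode each record."""
    return [unescape_record(line) for line in text.split("\n")[:-1]]
```

Without the escaping step, the second sample message would be read back as two records; with it, the file holds exactly one line per message and decodes to the original input.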