> As one of the many lurkers on this list, I have been monitoring this
> WG's activities and I'm a bit concerned with the recent posts. I had
> high hopes that some form of logging standardization might materialize,
> but that now seems to be in question.

That is outside the scope of this WG.  We're trying to concentrate on
the protocol used to convey log information - that's all.

> Recent regulations within the U.S. (e.g., SOX, HIPAA, SEC, FDA, etc.)
> and other countries are forcing organizations to implement
> "accountability" measures. Audit logging (as well as authentication and
> authorization) is a critical element of these accountability measures.
> Seems to me that this WG might want to step up and standardize the way
> this gets handled. If nothing else, it could give the WG a little more
> focus.

That information _may_ be placed in syslog messages but the scope
of what you're talking about includes much more than just sending
data between daemons.  For now, we have other more basic problems
to solve and as tempting as it is to try and solve these too, it
would just be a distraction and stop the WG from achieving what
it needs to achieve.

Darren

_______________________________________________
Syslog mailing list
Syslog@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/syslog

Reply via email to