Archive of syslog-sec WG discussions

This is an archive that shall facilitate the discussion process on syslog IDs. If you have reached this page searching for general syslog information, you may want to try my syslog pages instead.

Primary Topics, targeted towards drafts:

Auxiliary Topics

Topics in this section are either not relevant to a specific draft or are relevant to a broader idea/concept. They may also be used to form the foundation for later drafts. Some may just be included to help for a better understanding.

How to use these Pages

Well, it's not so complicated. In most of the subpages, you will find lists refering to posts on the mailing list. OK, you will also find other (hopefully) useful information, but it should be pretty self-explanatory. Reading the "post referring lists" is a bit tricky. This stems back to the fact that the archive is partly manually (the lists) and partly automatic (the actual archive) created. So the lists just point you to an important message inside the archive. You may want to follow this thread as long as you find it useful to do so. When you are done, you MUST use your browser's back button to get you back to the list - the archive does NOT provide any means to bring you back to the actual topic inside the list. If you browse multiple "issues pages", you will eventually find multiple referrals to the same post. That's just because a single post sometimes applies to more than one issue being discussed. You may also find links to drafts or RFCs. Sometimes they point directly to the respective document - sometimes they point to an interim page which eventually has some additional information about that specific version of a draft or the RFC. Hopefully, when the later is the case, you consider yourself lucky, because you will find some more elaborative information ;-).

Having said all this, I think I can put it into one sentence: The browser's back button is your friend! Use it often and you will be happy ;)

About this Page

Initially, I intended to create a fully manually-edited archive with handcrafted hyperlinks between the topics. While I saw this would be quite useful, I quickly noticed that maintaining it simply takes too much time. So I have switch to a partly automatic and partly manual operations. I automatically archive mailing list postings to my own raw archive - just so that I have them under my control (I like own copies of content because I can ensure they don't disappear). Then, I create "issue pages" for each open issue. In them, I provide links to the most relevant posts. The "issue page" typically also includes a quick comment of what I think makes the message important. So you can follow the discussion both by following the thread links in the raw archive as well as the handcrafted "issue pages". While this approach does not provide the full power of a fully-handcrafter archive, it is still superior over a exclusively machine created archive ... and keeps the maintenance effort low so that I can actually keep it updated. Please note that some early articles post to handcrafted archives - just don't be too surprised.

The syslog-sec WG maintains an official mailing list archive at Whenever in doubt, this is the official archive. My one is just a convenience to myself [plus, it is searchable ;-)]. The syslog-sec WG home page can be found at .

Rainer Gerhards <rgerhards at>

This page last updated: Tue Oct 11 16:35:32 2011.
For content issues, contact - for legal issues, please contact Adiscon who is the legal owner and publisher of this web site.
Visit our topic pages for practical information on syslog.
Raw Mail Archive: [threaded] [by date] [search]