It is quite hard to extract relevant information from system log files:
There is no complete list of all messages that a system might generate.
The format of each message is not documented. Even when a message is already known because it has been logged before, it is not known whether optional fields were missing from that instance.
Message formats often change in newer revisions of a system.
Not all messages are parsable. Field separators like spaces might be contained in field data by accident or might intentionally be injected by an attacker.
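
The last point, shown as an added example (not part of the original page): a parser that splits on spaces reads the wrong value when a field contains the separator, while a strict grammar rejects the line so it can be reviewed by hand. The log format, field names and sample lines are constructed for illustration.

```python
import re

# Constructed sample lines in a hypothetical "key=value" login log format.
SAMPLE_LINES = [
    "1038300000 host1 login user=alice from=192.0.2.10 result=fail",
    # Here the logged user name was "bob result=ok": it contains the
    # field separator and text that looks like another field.
    "1038300001 host1 login user=bob result=ok from=192.0.2.66 result=fail",
]

def naive_parse(line):
    """Split on spaces and collect key=value tokens; first occurrence wins."""
    fields = {}
    for token in line.split(" "):
        key, sep, value = token.partition("=")
        if sep and key not in fields:
            fields[key] = value
    return fields

# Strict grammar: fixed field order, no separator allowed inside any value,
# and the whole line must match (nothing before or after).
STRICT = re.compile(
    r"(?P<time>\d+) (?P<host>[A-Za-z0-9.-]+) login "
    r"user=(?P<user>[^ =]+) from=(?P<src>[0-9.]+) result=(?P<result>ok|fail)"
)

def strict_parse(line):
    """Return the fields as a dict, or None when the line does not match exactly."""
    m = STRICT.fullmatch(line)
    return m.groupdict() if m else None

def classify(lines):
    """Separate lines into parsed records and raw lines needing manual review."""
    parsed, unparsable = [], []
    for line in lines:
        rec = strict_parse(line)
        (parsed if rec else unparsable).append(rec or line)
    return parsed, unparsable

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print("naive :", naive_parse(line).get("result"))
        print("strict:", strict_parse(line))
```

Keeping unparsable lines in their own list instead of discarding them preserves the evidence that something unexpected was logged.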
Page created: Dec 15, 1997 -
last update: Nov 26, 2002 -
Jörg Czeranski (Impressum)