Status: Not started
Responsible: None
Prerequisites: Unknown
Currently, when a DLF schema represents different kind of
|
events, it is done by using a subset of all the fields present
in the schema. An example of this can be found in the firewall
superservice which provides support for IDS, packet accounting
and packet filtering kind of events.
A limitations of the current approach is that the fields required for a particular events can't be specified. Another limitation is that similar events across superservice cannot be identified. A proposed solution can be found in the document sent by Arnaud Taddei to the development mailing list. Status: Not started Responsible: None Prerequisites: Unknown, probably the section called “Schemas with Multiple Event Types Support” One things often requested by users is the ability to generate reports across superservices. One possible solution which would use normalized events schema across superservice is explained in the document sent by Arnaud Taddei to the development mailing list. |