Post by tophercantrell on Jul 12, 2018 14:25:46 GMT
The current schema (LogEntry.v1_3_0.json) includes only three event severities: OK, Warning, and Critical.
That gives us just one "everything is ok". But even "OK" messages have differing importance.
Using SYSLOG, for instance, a user logging in might be a NOTICE (Normal but significant). As opposed to a user fat-fingering their password (invalid login attempt) which might only be INFORMATIONAL. Five consecutive login failures on the same session -- likely a WARNING. If the login code reports it fell back on LDAP to check the credentials -- that's probably just DEBUG. If the Line Printer is on fire -- let's get an ALERT.
Any chance of getting additional severities added to this enum so we can better filter/route events?
That gives us just one "everything is ok". But even "OK" messages have differing importance.
Using SYSLOG, for instance, a user logging in might be a NOTICE (Normal but significant). As opposed to a user fat-fingering their password (invalid login attempt) which might only be INFORMATIONAL. Five consecutive login failures on the same session -- likely a WARNING. If the login code reports it fell back on LDAP to check the credentials -- that's probably just DEBUG. If the Line Printer is on fire -- let's get an ALERT.
Any chance of getting additional severities added to this enum so we can better filter/route events?
