-
Notifications
You must be signed in to change notification settings - Fork 419
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify event.original vs log.original? #127
Comments
The important difference is here:
|
So event.original would be the true original version that matches byte for byte against the underlying log file and log.original might be slightly cleaned up? If the use of both is to demonstrate log integrity, and they aren't searchable, wouldn't the event.original version be more valuable and obviate the need for log.original, especially if event.hash were also implemented? |
Looking at the definitions of both, they seem to be flipped around vs what I would expect. In my mind, But the descriptions seem to say that Do we really need the two? If we get rid of one of the two, perhaps the most canonical one we should keep should be |
event.original is intended to show integrity but also to have the original around if it is log or not. log.original has the intention to make log reprocessing possible. There are things which can only happen with the knowledge on the edge node and some processing must already happen. We could merge the two but would agree that in the case of logs My personal preference is to keep both to make it very clear if |
@ruflin I'm actually unclear on the two examples you give about log.original.
|
For the encoding: Yes it's converted to utf-8. There are unfortunately quite a few more formats out there then the ones you mentioned. Each line at the end contains one or multiple new line chars ( If we loose up |
Can someone explain the need for log.original given event.original? They look identical to me.
The text was updated successfully, but these errors were encountered: