- load all pattern files under patterns/
- grok captures don't include @LINE, so put it there ourselves
- properly filter grok captures per comments
- tear out grok cmdline stuff
- switch to seconds since epoch for @DATE
- add firewalls pattern with initial netscreen session close pattern
- Add MessageStream.clear for wiping messages in the stream.
- Make socket reading faster and more reliable (since read(N) may return elss
than N bytes)
Fun stats, dumping lines of apache logs into sandbox/srv.rb
from sandbox/client.rb:
1421000 finished @ 163/sec => 8680.2 secs
1422000 finished @ 163/sec => 8678.5 secs
1423000 finished @ 163/sec => 8679.1 secs
8500 lines per second? That's about 2MB/sec. Not bad?
to the correct message instance (an IndexEvent request becomes an
IndexEventRequest instance, etc)
- We use some metaprogramming tricks to bind Message JSON fields to
functions, see BindToHash and hashbind in net/message.rb
- Protocol versioning is poor right now, but it is present.
- The server code is not well-written, yet. I just wanted real client/server
encode/decode testing.
- Add some play code to sandbox/
