Hi all, I’m trying to configure differential logs ...
# generalg
George
11/30/2023, 3:53 PMHi all, I’m trying to configure differential logs for the MacOS apps table. I want to see a log message whenever a new app is added and I don’t care about the initial event. My research tells me that I need to make use of the schedule counter. I’m telling my logging system to ignore all logs where
counter = 0counter = 1 Copy code
For initial query results that include all records counter will be "0", while initial results without all records (like event tables) will start at "1".while initial results without all records (like event tables) will start at “1”I don’t fully understand what this means but the apps table isn’t an event table so I don’t think it applies. It’s also not completely clear to me what the schedule epoch does - from what I understand this is an arbitrary static field I can set to any 64bit integer and it will stay the same unless I decide to change it? Thanks!
s
Stefano Bonicatti
11/30/2023, 7:56 PMMaybe the phrase there should be changed slightly to
while for the initial results that do not contain all records (like in the case of event tables) the counter will start at "1"Stefano Bonicatti
11/30/2023, 8:01 PMAdmittedly I'm a bit confused too on what's the pro on using the differential on the events case, since there's no state being kept or represented for event tables, each event is something new changing.
Anyway as described in the docs, for the normal tables case, the counter simply increases by 1 at each query execution, so if you skip
counter=0epochcounter = 0g
George
12/01/2023, 9:58 AMHmm, ok thanks at least that confirms that I understand the two options! I’ll have to get a test machine and try and work out why I’m getting so many events for
counter = 1