[syslog-ng] patterndb repository and best practices

Evan Rempel erempel at uvic.ca
Fri Nov 25 19:55:56 CET 2011


We are preparing to leverage the patterndb functionality in a very big way.
A few questions before I jump.

1. Is there a public repository of pattern databases?

2. Is there some registry for creating the unique IDs for rules and rule sets?
    For example, is there anything that prevents me from creating a rule with
    a duplicate rule ID that would result in an ID collision when merged
    with some other patterndb author?

3. Is there any registry for tag names, or key value pair names so that
    tags that I place on a message will be usable by other syslog-ng
    configuration filters?

4. Are there any best practices for tag names or key names to provide
    any kind of grouping? For example:

    user.name
    user.uid
    user.gid
    host.address.ipv4
    host.address.ipv6
    host.name



Any pointers or discussion will be helpful because we are looking at producing
a complete "artificial ignorance" infrastructure for our entire organization,
from Linux, research compute clusters, network gear, Windows hosts,
web hosting, database services etc.

Thanks for your time.

Evan
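
A pre-merge check for the ID collision raised in question 2 and for a dotted key-name convention like the one sketched in question 4, as an added example that is not part of the original post. The two sample files, their ids and the naming regex are constructed assumptions, not syslog-ng rules or an official convention.

```python
import re
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample files from two hypothetical authors; ids and names are made up.
SOURCES = {
    "site-a.xml": """<patterndb version='4'>
      <ruleset name='sshd' id='rs-a-1'><pattern>sshd</pattern><rules>
        <rule provider='site-a' id='rule-1' class='system'>
          <patterns><pattern>Accepted password for @ESTRING:user.name: @</pattern></patterns>
          <values><value name='host.name'>example</value></values>
        </rule></rules></ruleset></patterndb>""",
    "site-b.xml": """<patterndb version='4'>
      <ruleset name='sudo' id='rs-b-1'><pattern>sudo</pattern><rules>
        <rule provider='site-b' id='rule-1' class='system'>
          <patterns><pattern>session opened for user @ESTRING:username: @</pattern></patterns>
          <values><value name='username'>unknown</value></values>
        </rule></rules></ruleset></patterndb>""",
}

# Assumed convention: lowercase dotted names such as user.name or host.address.ipv4.
NAME_RE = re.compile(r"^[a-z][a-z0-9]*(\.[a-z][a-z0-9]*)+$")

def find_collisions(sources):
    """Return {id: [(file, element), ...]} for every id declared more than once."""
    seen = defaultdict(list)
    for label, xml_text in sources.items():
        # Files from other authors are untrusted input; a hardened parser
        # (for example defusedxml) is the safer choice outside this sample.
        for elem in ET.fromstring(xml_text).iter():
            if elem.tag in ("ruleset", "rule") and elem.get("id"):
                seen[elem.get("id")].append((label, elem.tag))
    return {i: owners for i, owners in seen.items() if len(owners) > 1}

def nonconforming_names(sources):
    """Return sorted (file, name) pairs whose <value name=...> breaks the convention."""
    bad = []
    for label, xml_text in sources.items():
        for value in ET.fromstring(xml_text).iter("value"):
            name = value.get("name", "")
            if not NAME_RE.match(name):
                bad.append((label, name))
    return sorted(bad)

if __name__ == "__main__":
    print("id collisions:", find_collisions(SOURCES))
    print("names outside convention:", nonconforming_names(SOURCES))
```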

