The new full query logger and the audit logger support logging into binary Chronicle logs. Both create records with a small header to indicate what follows, but the two features have adopted different header formats. Let's align the record header format with this ticket.
- Both features should use the same header layout. This makes it possible to give more user friendly error messages in the fqltool and auditlogviewr commands.
- The record header should have a distinct type to indicate the type of record.
- The record header should have a version so that the record format can evolve.
Current record header format of the FQL is:
where <type> can be either batch or single-query.
Current record header format of the binary audit log is: