The verifier.py script outputs "Match!" lines for good records. I think this is low-utility information, and possibly counter-productive. If a file is overwhelmingly good records, there are two problems:
- Any problematic records of small inputs being visually inspected can get lost without filtering.
- The processing time spent writing "
Match!" to screen or log output is significant, and for a large-enough file (say, the 42 MB Plaso sample mft.xml), basically punishes the verification-runner for checking data.
I propose "Match!" not be emitted, except maybe in a "verbose" mode.
The
verifier.pyscript outputs "Match!" lines for good records. I think this is low-utility information, and possibly counter-productive. If a file is overwhelmingly good records, there are two problems:Match!" to screen or log output is significant, and for a large-enough file (say, the 42 MB Plaso samplemft.xml), basically punishes the verification-runner for checking data.I propose "
Match!" not be emitted, except maybe in a "verbose" mode.