10 Logging best practices

The technology used is only as good as the log events themselves, regardless of how log entries are generated, whether applications write to stdout, stderr, OS event frameworks, or logging frameworks. To maximize the technical investment, we need to make the log events and their creation as effective as possible.

We have delved deeply into the technology, so we need to do the same for log events. This chapter will explore what should and should not be logged in terms of business data. Examine what information can make log events more helpful. With that, we'll identify some practices to help get values from the log events. The business data our systems process can be subject to a wide variety of contractual and legislative requirements. So we look at some of the better-known legislation needs, some options to mitigate their impact and some sources that can help us identify any other legislative requirements that can impact the use of logging.

10.1  Audit events vs log events

When is an event an audit event, and when is it a log event? Let's start with defining what the two events are.

10.2  Log levels aka Severities

10.2.1  Trace

10.2.2  Debug

10.2.3  Info(rmation)

10.2.4  Warn(ing)

10.2.5  Error

10.2.6  Fatal

10.2.7  Extending or creating your own log levels

10.3  Clear language

10.4  Human and machine-readable

10.5  Context is key

10.6  Error codes

10.6.1  Using standard errors

10.6.2  Codes can be for more than errors

10.7  Too little logging or too much?

10.7.1  What qualifies as sensitive?

10.7.2  GDPR is only the start …

10.8  Log structure and format

10.9  Putting making log entries ready for application shipping into action

10.9.1  The solution to making log entries ready for application shipping

10.10     Use frameworks if you can

10.11     Development practices

10.11.1     Rethrowing exceptions

10.11.2     Using standard exceptions and error structures

10.11.3     String construction as a reason not to log