notes

Logging

Five Ws of Logging

  1. What happened?
  2. When did it happen?
  3. Where did it happen?
  4. Who was involved?

Principles

  1. Don’t collect log data you won’t use.
  2. Keep logs for as long as they can be used.
  3. Alert only on what you must respond to.
  4. Don’t exceed business security needs.
    • Do not overcomplicate or over-secure logs, because that has its own price.
  5. Remove sensitive information from logs.
  6. Logs change (like deployments, drills, hardware updates).

Best Practices

  1. Centralize the logging system
  2. Emit structured logs
  3. Define and use log levels.
    • error is something that requires action
    • if event doesn’t require action, make it a warning
  4. Provide as much context as possible
    • call stack
    • library name
    • line number
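
Example (added here, not part of the original notes): a Python standard-library logger that emits structured JSON lines, drops events below warning, carries library name, line number and call stack, and masks sensitive values. The logger name, the `user` field and the key=value secret pattern are assumptions made for the illustration.

```python
import json
import logging
import re
import time
import traceback

# Constructed pattern (assumption): key=value pairs whose key names a secret.
SENSITIVE = re.compile(r"(?i)\b(password|token|secret|api_key)=\S+")

def redact(text):
    return SENSITIVE.sub(r"\1=[REDACTED]", text)

class RedactFilter(logging.Filter):
    """Mask sensitive values in the message before any handler sees it."""
    def filter(self, record):
        record.msg = redact(record.getMessage())
        record.args = None  # message is already fully formatted
        return True

class JsonFormatter(logging.Formatter):
    """Emit one JSON object per line, timestamps in UTC."""
    converter = time.gmtime

    def format(self, record):
        entry = {
            "time": self.formatTime(record, "%Y-%m-%dT%H:%M:%SZ"),  # when
            "level": record.levelname,
            "logger": record.name,                   # library / component
            "line": f"{record.filename}:{record.lineno}",  # where
            "message": record.getMessage(),          # what
            "user": getattr(record, "user", None),   # who, passed via extra=
        }
        if record.exc_info:  # call stack, redacted like the message
            stack = "".join(traceback.format_exception(*record.exc_info))
            entry["stack"] = redact(stack)
        return json.dumps(entry)

def build_logger(stream, name="payments.client"):
    """Return a logger (hypothetical name) writing redacted JSON to stream."""
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.filters.clear()
    logger.setLevel(logging.WARNING)  # drop events below warning
    logger.propagate = False
    handler = logging.StreamHandler(stream)
    handler.setFormatter(JsonFormatter())
    logger.addFilter(RedactFilter())
    logger.addHandler(handler)
    return logger
```

Pointing the handler at a socket or file shipper instead of a local stream is what feeds these lines into a centralized logging system.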