Logging
Five Ws of Logging
- What happened?
- When did it happen?
- Where did it happen?
- Who was involved?
Principles
- Don’t collect log data you won’t use.
- Keep logs for as long as they can be used.
- Alert only on what you must respond to.
- Don’t exceed business security needs.
- Do not overcomplicate or over-secure logs; doing so has its own price.
- Remove sensitive information from logs.
- Logs change (for example, because of deployments, drills, hardware updates).
Best Practices
- Centralize the logging system
- Emit structured logs
- Define and use log levels
  - An error is something that requires action
  - If an event doesn’t require action, make it a warning
- Provide as much context as possible
  - call stack
  - library name
  - line number
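
Several of the practices above combined, as an added example that is not part of the original notes: structured JSON output, a level threshold, redaction of sensitive values, and context (library name, line number, call stack). The logger name, user, key names and secret values are constructed for illustration.

```python
import io
import json
import logging
import re
from datetime import datetime, timezone

# Constructed key names for this example; extend to match your own secrets.
SENSITIVE = re.compile(r"(?i)\b(password|token|secret|api_key)=([^\s&,;]+)")

class RedactFilter(logging.Filter):
    """Remove sensitive values before the record is formatted."""
    def filter(self, record):
        # Render args first so secrets passed as %s arguments are covered too.
        record.msg = SENSITIVE.sub(r"\1=[REDACTED]", record.getMessage())
        record.args = None
        return True

class JsonFormatter(logging.Formatter):
    """One JSON object per line: what, when, where, who, plus call context."""
    def format(self, record):
        entry = {
            "when": datetime.fromtimestamp(record.created, timezone.utc).isoformat(),
            "level": record.levelname,
            "what": record.getMessage(),
            "where": {"library": record.name, "file": record.filename,
                      "line": record.lineno, "function": record.funcName},
            "who": getattr(record, "user", None),  # supplied via extra={...}
        }
        if record.exc_info:  # call stack of the failure, when one is attached
            entry["call_stack"] = self.formatException(record.exc_info)
        return json.dumps(entry)

def build_logger(stream, name="payments.client"):  # hypothetical library name
    logger = logging.getLogger(name)
    logger.handlers.clear()
    logger.setLevel(logging.WARNING)  # anything below WARNING is not collected
    handler = logging.StreamHandler(stream)
    handler.addFilter(RedactFilter())  # on the handler, so child loggers are covered
    handler.setFormatter(JsonFormatter())
    logger.addHandler(handler)
    return logger

def demo():
    buf = io.StringIO()
    log = build_logger(buf)
    log.info("cache warm")  # dropped by the level threshold
    log.warning("retrying login password=%s", "hunter2", extra={"user": "alice"})
    try:
        1 / 0
    except ZeroDivisionError:  # an error is something that requires action
        log.error("charge failed token=abc123", exc_info=True, extra={"user": "alice"})
    return [json.loads(line) for line in buf.getvalue().splitlines()]
```

In a centralized setup the `StreamHandler` would be replaced by a handler that ships the same JSON lines to the collector.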