Infrastructure & Operational Technology
Logging
State Januar 2019
After introducing a central "graylog2" service (powered by ICT :-)), there are no "big changes" to logging and even the "small changes" are few - only some update(s) to the Docker-images provided for easier "log-forwarding".
This is no indicator for logging or central-log management going away. On the contrary, providing logging data to the central log service for analysis (think about "Security and Incident Management Systems - SIEM) is a "hot topic" in ITSec and might raise the importance of logging, log-forwarding again. There are no breaking changes to be expected, but it is something to be considered if log-forwarding and the like have not been already on your "requirements-radar".
Revisions:
Why?
After development, any application/service is stripped of debugging functionality or instrumentation.
The only chance to keep an eye out for success/failure is to observe the system(s) for
- logging information
- monitoring data
- telemetric data
Logging
... is providing information from "inside" the application/service about:
- events (user interaction, incoming requests, ...)
- actions (processing data, writing files, sending messages, ...)
- issues (low memory, exhausted storage, unreachable services, ...)
- ...
Logging data is required to give proof of correct execution (and thereby can be used for solving problems). It is very likely organized along the structure and architecure of the software.
Technology choices/solutions
- Logging in containers/on platforms
- jvm log library - log4j
- .net log library - nlog
- Log forwarding - fluentd/fluentbit
Our projects
List of projects and activities
Contact
Thomas Schüring thomas.schuering@haufe-lexware.com
