Art of Logging

Love it or hate it, every developer needs to log in some capacity. The first step for a developer is usually to write a "Hello World" program to display something out on screen or log file. Even now, it brings so much joy thinking about the time when the first program compiled, executed, and spitted out string literals.

Once developers started gaining maturity and the software industry needed more structure, frameworks were developed to consolidate and configure logs. Long gone are the days when you would be needed to write a Log class that can take message and severity parameters and processes the statement. More than a decade back frameworks such as Log4J, Log4Net, Logback, NLog, etc evolved so developers don't have to reinvent the wheel. These frameworks also meant developers took log mechanisms for granted and organizations now had gigs of log files even with severity level set at "Error", which was hard to process or trace for any meaningful insight.

The next phase of evolution brought log consolidation services such as gray log, which would crunch the insane amount of log and provide an easy way for managers and production support staff to rake through and find that instance when order object was accidentally initialized to null, debugging is no fun.

In all of these years, we as developers have not looked at logging as anything more than a way to diagnose an issue. There needs to be a shift in the mindset of developers, log should evolve from debugging purpose to action-driven. Every action such as login, view account, update cart, added coupon should be logged in a manner that log playback provides a complete picture along with a timeline of every action took by a specific user.

Another factor that is seldom considered regarding application logs is security. While tough measures are adopted on providing access to the software, archived log files often end up on a warehouse shelf.

Cloud transition and microservices architecture present a challenge as well as an opportunity for transforming software logging in today's world where data storage is infinite and require organizations to promptly respond to events. Services such as AWS cloud watch or Azure Monitor are good services that can slurp through a tremendous amount of data from a variety of sources in almost real-time. However, that's just the beginning, these services can be configured to send alert notifications when a certain "event" occurs or a reference is found in the log file, this is good and it gets even better.

Imagine a situation where an organization specified that sensitive information such as PII or Payment should never be logged unencrypted. Keeping a tab on every developer in a large organization even with strong code reviewing practice, there can be occasions where debugging code was added to print user details but not removed before production migration.

Services that I mentioned earlier can be of great help in these scenarios. Not only an alert can be set up to be notified of a breach in corporate policies, but a self-healing process can also be created that take action in real-time, without any manual interaction. Give some room to AWS Lambda and Azure functions, they bring a tremendous shift from playing catch up regarding fixing issues. Along with Cloud Watch or Monitor, Lambda & functions could be used to proactively enforcing specified company policies.

Another use of log data is generating real-time analytics and understanding trends. For example, the organization receives about 1000 orders a day and the IT group complains of getting too much traffic on the ordering server. Log analytics can identify how many users end up on the shopping cart page and used a discount code which errored out and users abandoned the cart.

However, it all comes down to the developer's strict adherence and consistency while adding logging. In conclusion, developers need to be trained on newer cloud-friendly practices of software logging while management needs to step up and create log analytics to ensure they have visibility of logging statistics. In today's world of distributed and serverless architecture, logs need to ensure non-repudiation for any and every action taken by the user.