Logging (computing)

In computing, logging is the act of keeping a log of events that occur in a computer system, such as problems, errors or just information on current operations. These events may occur in the operating system or in other software. A message or log entry is recorded for each such event. These log messages can then be used to monitor and understand the operation of the system, to debug problems, or during an audit. Logging is particularly important in multi-user software, to have a central overview of the operation of the system.

In the simplest case, messages are written to a file, called a log file.[1] Alternatively, the messages may be written to a dedicated logging system or to a log management software, where it is stored in a database or on a different computer system.

Specifically, a transaction log is a log of the communications between a system and the users of that system,[2] or a data collection method that automatically captures the type, content, or time of transactions made by a person from a terminal with that system.[3] For Web searching, a transaction log is an electronic record of interactions that have occurred during a searching episode between a Web search engine and users searching for information on that Web search engine.

Many operating systems, software frameworks and programs include a logging system. A widely used logging standard is Syslog, defined in IETF RFC 5424.[4] The Syslog standard enables a dedicated, standardized subsystem to generate, filter, record, and analyze log messages. This relieves software developers of having to design and code their ad hoc logging systems.[5][6][7]

Types

[edit]

Event logs

[edit]

Event logs record events taking place in the execution of a system in order to provide. That can be used to understand the activity of the system and to diagnose problems. They are essential to understand particularly in the case of applications with little user interaction.

It can also be useful to combine log file entries from multiple sources. It is a different combination that may yield between with related events on different servers. Other solutions employ network-wide querying and reporting.[8][9]

Transaction logs

[edit]

Most database systems maintain some kind of transaction log, which are not mainly intended as an audit trail for later analysis, and are not intended to be human-readable. These logs record changes to the stored data to allow the database to recover from crashes or other data errors and maintain the stored data in a consistent state. Thus, database systems usually have both general event logs and transaction logs.[10][11][12][13]

The use of data stored in transaction logs of Web search engines, Intranets, and Web sites can provide valuable insight into understanding the information-searching process of online searchers.[14] This understanding can enlighten information system design, interface development, and devising the information architecture for content collections.

Message logs

[edit]

Internet Relay Chat (IRC), instant messaging (IM) programs, peer-to-peer file sharing clients with chat functions, and multiplayer games (especially MMORPGs) commonly have the ability to automatically save textual communication, both public (IRC channel/IM conference/MMO public/party chat messages) and private chat between users, as message logs.[15] Message logs are almost universally plain text files, but IM and VoIP clients (which support textual chat, e.g. Skype) might save them in HTML files or in a custom format to ease reading or enable encryption.

In the case of IRC software, message logs often include system/server messages and entries related to channel and user changes (e.g. topic change, user joins/exits/kicks/bans, nickname changes, the user status changes), making them more like a combined message/event log of the channel in question, but such a log is not comparable to a true IRC server event log, because it only records user-visible events for the time frame the user spent being connected to a certain channel.

Instant messaging and VoIP clients often offer the chance to store encrypted logs to enhance the user's privacy. These logs require a password to be decrypted and viewed, and they are often handled by their respective writing application. Some privacy focused messaging services, such as Signal, record minimal logs about users, limiting their information to connection times.[16]

Server logs

[edit]
Apache access log showing Wordpress vulnerability bots

A server log is a log file (or several files) automatically created and maintained by a server consisting of a list of activities it performed.

A typical example is a web server log which maintains a history of page requests. The W3C maintains a standard format (the Common Log Format) for web server log files, but other proprietary formats exist.[9] Some servers can log information to computer readable formats (such as JSON) versus the human readable standard.[17] More recent entries are typically appended to the end of the file. Information about the request, including client IP address, request date/time, page requested, HTTP code, bytes served, user agent, and referrer are typically added. This data can be combined into a single file, or separated into distinct logs, such as an access log, error log, or referrer log. However, server logs typically do not collect user-specific information.

These files are usually not accessible to general Internet users, only to the webmaster or other administrative person of an Internet service. A statistical analysis of the server log may be used to examine traffic patterns by time of day, day of week, referrer, or user agent. Efficient web site administration, adequate hosting resources and the fine tuning of sales efforts can be aided by analysis of the web server logs.

See also

[edit]

References

[edit]
  1. ^ DeLaRosa, Alexander (February 8, 2018). "Log Monitoring: not the ugly sister". Pandora FMS. Archived from the original on February 14, 2018. Retrieved February 14, 2018. A log file is a text file or XML file used to register the automatically produced and time-stamped documentation of events, behaviors and conditions relevant to a particular system.
  2. ^ Peters, Thomas A. (1993-02-01). "The history and development of transaction log analysis". Library Hi Tech. 11 (2): 41–66. doi:10.1108/eb047884. ISSN 0737-8831.
  3. ^ Rice, Ronald E.; Borgman, Christine L. (1983). "The use of computer-monitored data in information science and communication research". Journal of the American Society for Information Science. 34 (4): 247–256. doi:10.1002/asi.4630340404. ISSN 0002-8231.
  4. ^ R. Gerhards (March 2009). The Syslog Protocol. Network Working Group. doi:10.17487/RFC5424. RFC 5424. Proposed Standard. Obsoletes RFC 3164.
  5. ^ "XML Logging :: WinSCP". winscp.net. 16 June 2022.
  6. ^ "Use XML for Log Files". CodeProject. August 22, 2008.
  7. ^ "Turn Your Log Files into Searchable Data Using Regex and the XML Classes". learn.microsoft.com. 24 June 2011.
  8. ^ "Log File Viewer - SQL Server". learn.microsoft.com. 28 February 2023.
  9. ^ a b "Extended Log File Format". www.w3.org.
  10. ^ "The Transaction Log (SQL Server) - SQL Server". learn.microsoft.com. 27 September 2023.
  11. ^ Stankovic, Ivan (February 11, 2014). "A beginner's guide to SQL Server transaction logs".
  12. ^ "Understanding the importance of transaction logs in SQL Server". TechRepublic. November 11, 2004.
  13. ^ "Logfiles". www.neurobs.com.
  14. ^ Jansen, Bernard J. (2006). "Search log analysis: What it is, what's been done, how to do it". Library & Information Science Research. 28 (3). Elsevier BV: 407–432. doi:10.1016/j.lisr.2006.06.005. ISSN 0740-8188.
  15. ^ "LogFile Class (Microsoft.SqlServer.Management.Smo)". learn.microsoft.com.
  16. ^ Brandom, Russell (2 January 2018). "Iran blocks encrypted messaging apps amid nationwide protests". The Verge. Vox Media. Archived from the original on 22 March 2018. Retrieved 23 March 2018.
  17. ^ Server, Caddy Web. "How Logging Works - Caddy Documentation". caddyserver.com.