[Spike] Proof of concept for modular logging #4888
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This shows a way to make logging more modular, in the spirit of #3809 and #4415.
I've included comments in the change to explain how that works and some of the issues we would need to address (e.g. the live log level changing facility with signals).
Only
apidandauthenticationhave been modified to demonstrate the approach.This was only tested manually, playing with different
--log-level apid:<level>,authentication:<level>flags and usingsensuctlto log in and out and list various object types, while looking at the backend logs.While not tested extensively, a log level with no component prefix is meant to be interpreted as the default, global log level to use for everything else that's not more finely tuned. For example,
--log-level error,authentication:debugwould mean that we want everything to be at log levelerror, with the exception of theauthenticationmodule being set todebug.Note that we can use a very similar approach to configure different outputs for different components too. That could pave the way towards a cheap, wannabe "audit log" with a configuration like
--log-output authentication:/var/log/sensu/audit.log,authorization:/var/log/sensu/audit.log, with everything else on stderr by default.