[Osiris-devel]logging design help
brian at shmoo.com
Fri Aug 9 23:27:31 EDT 2002
Here are some thoughts and questions for how to tackle logging. It's
important and I don't want it to be done as an afterthought, I think
it's very necessary to no screw this up for an app like Osiris. There
are two modules involved here --the scanning daemon, and the management
No log file will be used, only syslog. The scanning daemon doesn't have
a config file, so I purpose a simple logging level scheme by which you
set via command line arguments. This would be something like -l <level>
where level is something like 0,1,2,3 ( none, low,medium,high ). All
log statements in the code are assigned a level. I think this is a very
simple and effective logging mechanism for this daemon, it can be
implemented with not much pain.
Two types of logging, host level logging, and management level logging.
The management level pertains to the management daemon itself. Host
level is a set of logs for each host, stored in the host's directory,
For management level logging, there will be two log files, "access.log"
and "error.log", similar to apache. The access log will contain only
log events pertaining to communication with management apps ( CLI,
GUI ). The error log will contain error log events related to things
like loading of certs/keys, unauthorized connection attempts,
unrecognized requests, restart events, events related to dealing with
the local host repository, etc. In the conf file for the management
daemon ( osirismd.conf ) there will be options to set the location where
these two log files will be stored, and what level of logging should be
done ( low, medium, high ). The logging level could also be specified
on the command line when launching the daemon, that would override the
level in the conf file, for that instance.
For host based logging, there will also be an access, and error log for
each host. These files will be stored under a logs directory in the
management daemon's host repository, alongside the databases and configs
for that host. The logs will work in the same way that the they do for
the management daemon, only the events will be related to a particular
host, mostly communication with the scanning daemon.
1. Is this even close to being a good direction to go in as far as logs?j
2. The management daemon can easily have their logs put in /var/log, for
example, but what about the host logs? Is it bad that they are under
the repository, most likely somewhere like
3. What about rotating logs? Is that something that should certainly be
done by the daemon? Is it something that can wait for a future release?
4. Is host based logging even a good idea? What is the best way to
balance the performance of managing hundreds of hosts with respect to
having open file descriptors?
I'm not a sys admin, but I pretend to be one at home so I'm a bit
confused as to whether or not I'm thinking correctly here. I don't know
how I one would ideally like to deal with logs like this.
Brian Wotring ( brian at shmoo.com )
PGP KeyID: 0x9674763D
More information about the osiris-devel