A comprehensive and consistent way of logging is a crucial pillar for operability. Therefore, the following rules should be followed:
Logs must only be produced using the Monitor
service,
which offers 4 different log levels:
Error events that might lead the application to abort or still allow it to continue running.
Used in case of an unexpected interruption of the flow or when something is broken, i.e. an operator has to take action. e.g. service crashes, database in illegal state, ... even if there is chance of self recovery.
Potentially harmful situations messages.
Used in case of an expected event that does not interrupt the flow but that should be taken into consideration.
Informational messages that highlight the progress of the application at coarse-grained level.
Used to describe the normal flow of the application.
Fine-grained informational events that are most useful to debug an application.
Used to describe details of the normal flow that are not interesting for a production environment.
- every exception with
severe
orwarning
- every
Result
object evaluated asfailed
:- with
severe
if this is something that interrupts the flow and someone should take care of immediately - with
warning
if this is something that doesn't interrupt the flow but someone should take care of, because it could give worse results in the future
- with
- every important message that's not an error with
info
- other informative events like incoming calls at the API layer or state changes with
debug
- secrets and any other potentially sensitive data, like the payload that is passed through the
data-plane
- an exception that will be thrown in the same block
- not strictly necessary information, like "entering method X", "leaving block Y", "returning HTTP 200"