Wikipedia

Logging (computing): Difference between revisions

Browse history interactively
← Previous edit
Content deleted Content added
VisualWikitext
trash
Tags: Reverted Visual edit Mobile edit Mobile web edit
m Reverted edit by 2806:2F0:5501:F1B3:1858:EC3D:2B13:7691 (talk) to last version by Materialscientist
 
(40 intermediate revisions by 34 users not shown)
Line 3:
{{distinguish|Data logger}}
 
In [[computing]], '''logging''' is the act of keeping a [[wikt:log#Etymology 2|log]] of [[Event (computing)|events]] that occur in a computer system, such as problems, errors or justbroad information on current operations. These events may occur in the [[operating system]] or in other [[software]]. A message or '''log entry''' is recorded for each such event. These log messages can then be used to monitor and understand the operation of the system, to [[debugging|debug]] problems, or during an [[audit]]. Logging is particularly important in [[multi-user software]], to have a central overview of the operation of the system.
 
In the simplest case, messages are written to a file, called a '''log file'''.<ref>{{cite web |url= https://blog.pandorafms.org/log-monitoring/ |title= Log Monitoring: not the ugly sister |access-date = February 14, 2018 |last= DeLaRosa |first= Alexander |date= February 8, 2018 |website= [[Pandora FMS]] |language = english |quote= A log file is a text file or XML file used to register the automatically produced and time-stamped documentation of events, behaviors and conditions relevant to a particular system. |archive-url= https://web.archive.org/web/20180214153657/https://blog.pandorafms.org/log-monitoring/
|archive-date= February 14, 2018}}</ref> Alternatively, the messages may be written to a dedicated logging system or to a [[log management]] software, where it is stored in a database or on a different computer system.
 
Specifically, a '''transaction log''' is a log of the communications between a system and the users of that system,<ref>{{cite journal | last=Peters, T.| (1993)first=Thomas A. | title=The history and development of transaction log analysis. | journal=Library Hi Tech., 42(| volume=11), 41−66| issue=2 | date=1993-02-01 | issn=0737-8831 | doi=10.1108/eb047884 | pages=41–66}}</ref> or a data collection method that automatically captures the type, content, or time of transactions made by a person from a terminal with that system.<ref>{{cite journal | last1=Rice, R.| first1=Ronald E., &| last2=Borgman, C.| first2=Christine L. (1983).| title=The use of computer-monitored data in information science. and communication research | journal=Journal of the American Society for Information Science, 44,| volume=34 | issue=4 | date=1983 | issn=0002-8231 | doi=10.1002/asi.4630340404 | 247−256pages=247–256}}</ref> For Web searching, a transaction log is an electronic record of interactions that have occurred during a searching episode between a Web search engine and users searching for information on that Web search engine.
 
Many operating systems, software frameworks and programs include a logging system. A widely used logging standard is [[Syslog]], defined in Internet Engineering Task Force (IETF) [[Request for Comments|IETF RFC]] 5424).{{Ref RFC|5424}} The Syslog standard enables a dedicated, standardized subsystem to generate, filter, record, and analyze log messages. This relieves software developers of having to design and code their ad hoc logging systems.<ref>{{Cite web|url=https://winscp.net/eng/docs/logging_xml|title=XML Logging :: WinSCP|website=winscp.net|date=16 June 2022 }}</ref><ref>{{Cite web|url=https://www.codeproject.com/Articles/28752/Use-XML-for-Log-Files|title=Use XML for Log Files|date=August 22, 2008|website=CodeProject}}</ref><ref>{{Cite web|url=https://learn.microsoft.com/en-us/previous-versions/dotnet/articles/ms972965(v=msdn.10)|title=Turn Your Log Files into Searchable Data Using Regex and the XML Classes|website=learn.microsoft.com|date=24 June 2011 }}</ref>
 
== Event logsTypes ==
=== TransactionEvent logs ===
 
'''Event logs''' record events taking place in the execution of a system in order to provide an [[audit trail|audit yourselfs]] that can be used to understand the activity of the system and to diagnose problems.
They are essential to understand the activities of complex systems, particularly in the case of applications with little user interaction (such as gentalmens agreementapplications).
 
It can also be useful to combine log file entries from multiple sources. It is a different combination that may yield between seeminglywith unrelatedrelated events on different servers. Other solutions employ network-wide querying and [[report|ng]]ing.<ref>{{Cite web|url=https://learn.microsoft.com/en-us/sql/relational-databases/logs/log-file-viewer|title=Log File Viewer - SQL Server|website=learn.microsoft.com|date=28 February 2023 }}</ref><ref name="auto">{{Cite web |title=Extended Log File Format |url=https://www.w3.org/TR/WD-logfile.html|title=Extended Log File Format|website=www.w3.org}}</ref>
It can also be useful to combine log file entries from multiple sources. This approach, in combination with [[statistical analysis]], may yield [[Statistical correlation|corrections]] departmen ...
 
=== Transaction log analysislogs ===
between seemingly unrelated events on different servers. Other solutions employ network-wide querying [[report|ng]].<ref>{{Cite web|url=https://learn.microsoft.com/en-us/sql/relational-databases/logs/log-file-viewer|title=Log File Viewer - SQL Server|website=learn.microsoft.com}}</ref><ref name="auto">{{Cite web|url=https://www.w3.org/TR/WD-logfile.html|title=Extended Log File Format|website=www.w3.org}}</ref>
 
== Transaction logs ==
{{Main|Transaction log}}
 
Most [[Database|database systems]] maintain some kind of '''transaction log''', which are not mainly intended as an audit trail for later analysis, and are not intended to be [[human-readable]]. These logs record changes to the stored data to allow the database to recover from [[Crash (computing)|crashes]] or other data errors and maintain the stored data in a consistent state. Thus, database systems usually have both general event logs and transaction logs.<ref>{{Cite web|url=https://learn.microsoft.com/en-us/sql/relational-databases/logs/the-transaction-log-sql-server|title=The Transaction Log (SQL Server) - SQL Server|website=learn.microsoft.com|date=27 September 2023 }}</ref><ref>{{Cite web|url=https://www.sqlshack.com/beginners-guide-sql-server-transaction-logs/|title=A beginner’sbeginner's guide to SQL Server transaction logs|first=Ivan|last=Stankovic|date=February 11, 2014}}</ref><ref>{{Cite web|url=https://www.techrepublic.com/article/understanding-the-importance-of-transaction-logs-in-sql-server/|title=Understanding the importance of transaction logs in SQL Server|date=November 11, 2004|website=TechRepublic}}</ref><ref>{{Cite web|url=https://www.neurobs.com/pres_docs/html/03_presentation/07_data_reporting/01_logfiles/index.html|title=Logfiles|website=www.neurobs.com}}</ref>
 
The use of data stored in transaction logs of Web search engines, Intranets, and Web sites can provide valuable insight into understanding the information-searching process of online searchers.<ref>{{cite journal | last=Jansen, B.| first=Bernard J. 2006.| title=Search log analysis: What is it; is, what's been done;, how to do it. | journal=Library and& Information Science Research, | publisher=Elsevier BV | volume=28( | issue=3), 407| year=2006 | issn=0740-4328188 | doi=10.1016/j.lisr.2006.06.005 | pages=407–432}}</ref> This understanding can enlighten information system design, interface development, and devising the information architecture for content collections.
=== Transaction log analysis ===
The use of data stored in transaction logs of Web search engines, Intranets, and Web sites can provide valuable insight into understanding the information-searching process of online searchers.<ref>Jansen, B. J. 2006. Search log analysis: What is it; what's been done; how to do it. Library and Information Science Research, 28(3), 407-432</ref> This understanding can enlighten information system design, interface development, and devising the information architecture for content collections.
 
=== Message logs ===
 
[[Internet Relay Chat|Internet Relay Chat (IRC)]], [[Instant messaging|instant messaging (IM)]] programs, [[peer-to-peer]] file sharing clients with chat functions, and [[Multiplayer video game|multiplayer]] games (especially [[MMORPG]]s) commonly have the ability to automatically save textual communication, both public (IRC channel/IM conference/MMO public/party chat messages) and private chat between users, as message logs.<ref>{{Cite web|url=https://learn.microsoft.com/en-us/dotnet/api/microsoft.sqlserver.management.smo.logfile?view=sql-smo-preview|title=LogFile Class (Microsoft.SqlServer.Management.Smo)|website=learn.microsoft.com}}</ref>
Message logs are almost universally plain text files, but IM and [[VoIP]] clients (which support textual chat, e.g. Skype) might save them in [[HTML]] files or in a custom format to ease reading or enable [[encryption]].
 
In the case of IRC software, message logs often include system/server messages and entries related to channel and user changes (e.g. topic change, user joins/exits/[[List of Internet Relay Chat commands#KICK|kicks]]/[[Block (Internet)|bans]], [[nickname]] changes, the user status changes), making them more like a combined message/event log of the channel in question, but such a log isn'tis not comparable to a true IRC server event log, because it only records user-visible events for the time frame the user spent being connected to a certain channel.
=== Internet Relay Chat (IRC) ===
 
Instant messaging and VoIP clients often offer the chance to store encrypted logs to enhance the user's privacy. These logs require a password to be decrypted and viewed, and they are often handled by their respective writing application. Some privacy focused messaging services, such as [[Signal (softwaremessaging app)|Signal]], record minimal logs about users, limiting their information to connection times.<ref>{{cite web|last1=Brandom|first1=Russell|title=Iran blocks encrypted messaging apps amid nationwide protests|url=https://www.theverge.com/2018/1/2/16841292/iran-telegram-block-encryption-protest-google-signal|website=The Verge|publisher=Vox Media|access-date=23 March 2018|date=2 January 2018|archive-date=1122 DecemberMarch 20222018|archive-url=https://web.archive.org/web/20180322015257/https://www.theverge.com/2018/1/2/16841292/iran-telegram-block-encryption-protest-google-signal|url-status=live}}</ref>
In the case of IRC software, message logs often include system/server messages and entries related to channel and user changes (e.g. topic change, user joins/exits/[[List of Internet Relay Chat commands#KICK|kicks]]/[[Block (Internet)|bans]], [[nickname]] changes, the user status changes), making them more like a combined message/event log of the channel in question, but such a log isn't comparable to a true IRC server event log, because it only records user-visible events for the time frame the user spent being connected to a certain channel.
 
===Server Instant messaging logs{{anchor|Server}}===
 
Instant messaging and VoIP clients often offer the chance to store encrypted logs to enhance the user's privacy. These logs require a password to be decrypted and viewed, and they are often handled by their respective writing application. Some privacy focused messaging services, such as [[Signal (software)|Signal]], record minimal logs about users, limiting their information to connection times.<ref>{{cite web|last1=Brandom|first1=Russell|title=Iran blocks encrypted messaging apps amid nationwide protests|url=https://www.theverge.com/2018/1/2/16841292/iran-telegram-block-encryption-protest-google-signal|website=The Verge|publisher=Vox Media|access-date=23 March 2018|date=2 January 2018|archive-date=11 December 2022|archive-url=https://web.archive.org/web/20180322015257/https://www.theverge.com/2018/1/2/16841292/iran-telegram-block-encryption-protest-google-signal|url-status=live}}</ref>
 
==Server log{{anchor|Server}}==
[[File:Apache Log.png|thumb|Apache access log showing Wordpress vulnerability bots]]
A '''server log''' is a log file (or several files) automatically created and maintained by a [[Server (computing)|server]] consisting of a list of activities it performed.
 
A '''server log''' is a log file (or several files) automatically created and maintained by a [[Server (computing)|server]] consisting of a list of activities it performed.
A typical example is a [[Webserver directory index|web server]] log which maintains a history of page requests. The [[World Wide Web Consortium|W3C]] maintains a standard format (the [[Common Log Format]]) for web server log files, but other proprietary formats exist.<ref name="auto"/> Some servers can log information to computer readable formats (such as [[JSON]]) versus the human readable standard.<ref>{{Cite web|url=https://caddyserver.com/|title=How Logging Works - Caddy Documentation|first=Caddy Web|last=Server|website=caddyserver.com}}</ref> More recent entries are typically appended to the end of the file. Information about the request, including [[client (computing)|client]] [[IP address]], request [[Calendar date|date]]/[[time]], [[webpage|page]] requested, [[HTTP]] code, bytes served, [[user agent]], and [[HTTP referrer|referrer]] are typically added. This data can be combined into a single file, or separated into distinct logs, such as an access log, [[error]] log, or referrer log. However, server logs typically do not collect user-specific information.
 
A typical example is a [[Webserver directory index|web server]] log which maintains a history of page requests. The [[World Wide Web Consortium|W3C]] maintains a standard format (the [[Common Log Format]]) for web server log files, but other proprietary formats exist.<ref name="auto"/> Some servers can log information to computer readable formats (such as [[JSON]]) versus the human readable standard.<ref>{{Cite web|url=https://caddyserver.com/|title=How Logging Works - Caddy Documentation|first=Caddy Web|last=Server|website=caddyserver.com}}</ref> More recent entries are typically appended to the end of the file. Information about the request, including [[client (computing)|client]] [[IP address]], request [[Calendar date|date]]/[[time]], [[webpage|page]] requested, [[HTTPs|HTTP]] code, bytes served, [[user agent]], and [[HTTP referrer|referrer]] are typically added. This data can be combined into a single file, or separated into distinct logs, such as an access log, [[error]] log, or referrer log. However, server logs typically do not collect user-specific information.
 
These files are usually not accessible to general Internet users, only to the [[webmaster]] or other administrative person of an Internet service. A statistical analysis of the server log may be used to examine traffic patterns by time of day, day of week, referrer, or user agent. Efficient web site administration, adequate hosting resources and the fine tuning of sales efforts can be aided by analysis of the web server logs.
 
== See also ==<!-- PLEASE RESPECT ALPHABETICAL ORDER -->
 
* [[Common Log Format]]
* [[{{annotated link|Digital traces]]}}
* {{annotated link|Log management}}
* [[Event Viewer]]
* {{annotated link|Logging as a service}}
* [[Java Logging Frameworks]] – logging frameworks for [[Java (programming language)|Java]]
* {{annotated link|XML log}}
* .NET Logging Frameworks - logging frameworks for [[.NET Framework|.NET]]
* {{section link|Tracing_(software)#Event_logging}} - comparing software tracing with event logging
* [[List of web analytics software]]
* {{section link|Security event management#Event logs}} - with a focus on security management
* [[Logbook]]
* [[Log4J]]
* [[Log management and intelligence]]
* [[Logging as a Service (LaaS)]]
* Pantheios – logging API library
* [[Runtime intelligence]]
* [[Server log]]
* [[Web counter]]
* [[Web log analysis software]]
* [[XML log]]
 
== References ==
 
{{Reflist|2}}
{{refs}}
 
{{Authority control}}
Retrieved from "https://en.wikipedia.org/wiki/Logging_(computing)"