Logging (computing)

Last updated

In computing, logging is the act of keeping a log of events that occur in a computer system, such as problems, errors or just information on current operations. These events may occur in the operating system or in other software. A message or log entry is recorded for each such event. These log messages can then be used to monitor and understand the operation of the system, to debug problems, or during an audit. Logging is particularly important in multi-user software, to have a central overview of the operation of the system.

Contents

In the simplest case, messages are written to a file, called a log file. [1] Alternatively, the messages may be written to a dedicated logging system or to a log management software, where it is stored in a database or on a different computer system.

Specifically, a transaction log is a log of the communications between a system and the users of that system, [2] or a data collection method that automatically captures the type, content, or time of transactions made by a person from a terminal with that system. [3] For Web searching, a transaction log is an electronic record of interactions that have occurred during a searching episode between a Web search engine and users searching for information on that Web search engine.

Many operating systems, software frameworks and programs include a logging system. A widely used logging standard is Syslog, defined in IETF RFC 5424. [4] The Syslog standard enables a dedicated, standardized subsystem to generate, filter, record, and analyze log messages. This relieves software developers of having to design and code their ad hoc logging systems. [5] [6] [7]

Types

Event logs

Event logs record events taking place in the execution of a system in order to provide. That can be used to understand the activity of the system and to diagnose problems. They are essential to understand particularly in the case of applications with little user interaction.

It can also be useful to combine log file entries from multiple sources. It is a different combination that may yield between with related events on different servers. Other solutions employ network-wide querying and reporting. [8] [9]

Transaction logs

Most database systems maintain some kind of transaction log, which are not mainly intended as an audit trail for later analysis, and are not intended to be human-readable. These logs record changes to the stored data to allow the database to recover from crashes or other data errors and maintain the stored data in a consistent state. Thus, database systems usually have both general event logs and transaction logs. [10] [11] [12] [13]

The use of data stored in transaction logs of Web search engines, Intranets, and Web sites can provide valuable insight into understanding the information-searching process of online searchers. [14] This understanding can enlighten information system design, interface development, and devising the information architecture for content collections.

Message logs

Internet Relay Chat (IRC), instant messaging (IM) programs, peer-to-peer file sharing clients with chat functions, and multiplayer games (especially MMORPGs) commonly have the ability to automatically save textual communication, both public (IRC channel/IM conference/MMO public/party chat messages) and private chat between users, as message logs. [15] Message logs are almost universally plain text files, but IM and VoIP clients (which support textual chat, e.g. Skype) might save them in HTML files or in a custom format to ease reading or enable encryption.

In the case of IRC software, message logs often include system/server messages and entries related to channel and user changes (e.g. topic change, user joins/exits/kicks/bans, nickname changes, the user status changes), making them more like a combined message/event log of the channel in question, but such a log is not comparable to a true IRC server event log, because it only records user-visible events for the time frame the user spent being connected to a certain channel.

Instant messaging and VoIP clients often offer the chance to store encrypted logs to enhance the user's privacy. These logs require a password to be decrypted and viewed, and they are often handled by their respective writing application. Some privacy focused messaging services, such as Signal, record minimal logs about users, limiting their information to connection times. [16]

Server logs

Apache access log showing Wordpress vulnerability bots Apache Log.png
Apache access log showing Wordpress vulnerability bots

A server log is a log file (or several files) automatically created and maintained by a server consisting of a list of activities it performed.

A typical example is a web server log which maintains a history of page requests. The W3C maintains a standard format (the Common Log Format) for web server log files, but other proprietary formats exist. [9] Some servers can log information to computer readable formats (such as JSON) versus the human readable standard. [17] More recent entries are typically appended to the end of the file. Information about the request, including client IP address, request date/time, page requested, HTTP code, bytes served, user agent, and referrer are typically added. This data can be combined into a single file, or separated into distinct logs, such as an access log, error log, or referrer log. However, server logs typically do not collect user-specific information.

These files are usually not accessible to general Internet users, only to the webmaster or other administrative person of an Internet service. A statistical analysis of the server log may be used to examine traffic patterns by time of day, day of week, referrer, or user agent. Efficient web site administration, adequate hosting resources and the fine tuning of sales efforts can be aided by analysis of the web server logs.

See also

Related Research Articles

<span class="mw-page-title-main">IRC</span> Protocol for real-time Internet chat and messaging

IRC is a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called channels, but also allows one-on-one communication via private messages as well as chat and data transfer, including file sharing.

<span class="mw-page-title-main">Instant messaging</span> Form of computer communication over the internet or locally

Instant messaging (IM) technology is a type of synchronous computer-mediated communication involving the immediate (real-time) transmission of messages between two or more parties over the Internet or another computer network. Originally involving simple text message exchanges, modern IM applications and services tend to also feature the exchange of multimedia, emojis, file transfer, VoIP, and video chat capabilities.

Middleware in the context of distributed applications is software that provides services beyond those provided by the operating system to enable the various components of a distributed system to communicate and manage data. Middleware supports and simplifies complex distributed applications. It includes web servers, application servers, messaging and similar tools that support application development and delivery. Middleware is especially integral to modern information technology based on XML, SOAP, Web services, and service-oriented architecture.

<span class="mw-page-title-main">ChatZilla</span> IRC client

ChatZilla is an IRC client that is part of SeaMonkey. It was previously an extension for Mozilla-based browsers such as Firefox, introduced in 2000. It is cross-platform open source software which has been noted for its consistent appearance across platforms, CSS appearance customization and scripting.

A web service (WS) is either:

<span class="mw-page-title-main">XMPP</span> Communications protocol for message-oriented middleware

Extensible Messaging and Presence Protocol is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML, it enables the near-real-time exchange of structured data between two or more network entities. Designed to be extensible, the protocol offers a multitude of applications beyond traditional IM in the broader realm of message-oriented middleware, including signalling for VoIP, video, file transfer, gaming and other uses.

In computing, syslog is a standard for message logging. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the type of system generating the message, and is assigned a severity level.

Push technology, also known as server Push, refers to a communication method, where the communication is initiated by a server rather than a client. This approach is different from the "pull" method where the communication is initiated by a client.

<span class="mw-page-title-main">Log4j</span> Java-based logging software

Apache Log4j is a Java-based logging utility originally written by Ceki Gülcü. It is part of the Apache Logging Services, a project of the Apache Software Foundation. Log4j is one of several Java logging frameworks.

<span class="mw-page-title-main">Virtuoso Universal Server</span> Computer software

Virtuoso Universal Server is a middleware and database engine hybrid that combines the functionality of a traditional relational database management system (RDBMS), object–relational database (ORDBMS), virtual database, RDF, XML, free-text, web application server and file server functionality in a single system. Rather than have dedicated servers for each of the aforementioned functionality realms, Virtuoso is a "universal server"; it enables a single multithreaded server process that implements multiple protocols. The free and open source edition of Virtuoso Universal Server is also known as OpenLink Virtuoso. The software has been developed by OpenLink Software with Kingsley Uyi Idehen and Orri Erling as the chief software architects.

For computer log management, the Common Log Format, also known as the NCSA Common log format, is a standardized text file format used by web servers when generating server log files. Because the format is standardized, the files can be readily analyzed by a variety of web analysis programs, for example Webalizer and Analog.

Microsoft SQL Server is a proprietary relational database management system developed by Microsoft. As a database server, it is a software product with the primary function of storing and retrieving data as requested by other software applications—which may run either on the same computer or on another computer across a network. Microsoft markets at least a dozen different editions of Microsoft SQL Server, aimed at different audiences and for workloads ranging from small single-machine applications to large Internet-facing applications with many concurrent users.

<span class="mw-page-title-main">Extromatica Network Monitor</span>

Extromatica Network Monitor is a network monitoring application created and maintained by Extromatica company. It is designed to monitor network hardware, servers and network services for faults and performance degradation. It alerts users when things go wrong and again when they get better. The software supports a variety of real-time notification mechanisms, including Short Message Service (SMS).

In computing, Flow is middleware software which allows data-integration specialists to connect disparate systems ; transforming and restructuring data as required between environments. Flow functionality can be utilised for data integration projects, for EDI and for data-conversion activities. Developed by Flow Software Ltd in New Zealand, Flow is available through a variety of partner companies or directly from Flow Software in New Zealand and Australia.

This article compares features and other data about client and server software for Direct Connect, a peer-to-peer file sharing protocol.

The following outline is provided as an overview of and topical guide to the Perl programming language:

The following is provided as an overview of and topical guide to databases:

<span class="mw-page-title-main">Octopussy (software)</span> Log analysis software

Octopussy, also known as 8Pussy, is a free and open-source computer-software which monitors systems, by constantly analyzing the syslog data they generate and transmit to such a central Octopussy server. Therefore, software like Octopussy plays an important role in maintaining an information security management system within ISO/IEC 27001-compliant environments.

References

  1. DeLaRosa, Alexander (February 8, 2018). "Log Monitoring: not the ugly sister". Pandora FMS . Archived from the original on February 14, 2018. Retrieved February 14, 2018. A log file is a text file or XML file used to register the automatically produced and time-stamped documentation of events, behaviors and conditions relevant to a particular system.
  2. Peters, Thomas A. (1993-02-01). "The history and development of transaction log analysis". Library Hi Tech. 11 (2): 41–66. doi:10.1108/eb047884. ISSN   0737-8831.
  3. Rice, Ronald E.; Borgman, Christine L. (1983). "The use of computer-monitored data in information science and communication research". Journal of the American Society for Information Science. 34 (4): 247–256. doi:10.1002/asi.4630340404. ISSN   0002-8231.
  4. R. Gerhards (March 2009). The Syslog Protocol. Network Working Group. doi: 10.17487/RFC5424 . RFC 5424.Proposed Standard. Obsoletes RFC  3164.
  5. "XML Logging :: WinSCP". winscp.net. 16 June 2022.
  6. "Use XML for Log Files". CodeProject. August 22, 2008.
  7. "Turn Your Log Files into Searchable Data Using Regex and the XML Classes". learn.microsoft.com. 24 June 2011.
  8. "Log File Viewer - SQL Server". learn.microsoft.com. 28 February 2023.
  9. 1 2 "Extended Log File Format". www.w3.org.
  10. "The Transaction Log (SQL Server) - SQL Server". learn.microsoft.com. 27 September 2023.
  11. Stankovic, Ivan (February 11, 2014). "A beginner's guide to SQL Server transaction logs".
  12. "Understanding the importance of transaction logs in SQL Server". TechRepublic. November 11, 2004.
  13. "Logfiles". www.neurobs.com.
  14. Jansen, Bernard J. (2006). "Search log analysis: What it is, what's been done, how to do it". Library & Information Science Research. 28 (3). Elsevier BV: 407–432. doi:10.1016/j.lisr.2006.06.005. ISSN   0740-8188.
  15. "LogFile Class (Microsoft.SqlServer.Management.Smo)". learn.microsoft.com.
  16. Brandom, Russell (2 January 2018). "Iran blocks encrypted messaging apps amid nationwide protests". The Verge. Vox Media. Archived from the original on 22 March 2018. Retrieved 23 March 2018.
  17. Server, Caddy Web. "How Logging Works - Caddy Documentation". caddyserver.com.