saving events, transactions, changes, etc. to some repository (Flat File, Data Store) to assist in monitoring system behavior.

I've been looking for some Best Practices in log formatting, writing, reading, etc.

  • can you assume your log is chronological? what if the code is Multi Threaded/MultiProcess? (Ran into this with Netscape web server...)

  • timestamp every line? look up the time again for every line, or have the value be "sticky" over some small duration of activity (e.g. within a single function)?

  • try to indicate "level" in some way? (indent via asterisks)

  • how examine a huge log file? grep only gives you single lines matching pattern, where you usually want to see multiple lines around each occurrence. Do you write some log extraction code to step through a huge file and write out extracts when you're curious about some particular event?

Edited:    |       |    Search Twitter for discussion