doubledee — 2013-10-08T12:16:25-04:00 — #1
What things are a must have when it comes to "Logging"???
Right now, I have a single "Error Log" table which logs the following when there is an error...
- Error Type
- Error Code
- Source Page
- Member ID
- User IP
- User Hostname
- Created On
This seems to work just fine, but now I am wondering if there other things I should be logging, such as...
1.) When Members Log-In
2.) When Members Log-Out
3.) When People Register
4.) What Pages People Visit
And so on...
I guess I am particularly interested in if I should be doing #1 and #2. (Technically I already log #3 in my Errors Log...)
In the end, as website owner, what kinds of things do I need to log to help me manage my website, and to have an audit trail should issues arise?!
patche — 2013-10-08T13:29:26-04:00 — #2
Well a lot of what you are logging can already be found in your apache access logs. You might want to log the page referrer if you're interested to see where the user came from to get to that page.
cups — 2013-10-08T15:52:48-04:00 — #3
Log the things that will help you debug. If your log is not for debug (arguably then that should be another log) then what is it for? Stats?
doubledee — 2013-10-08T16:18:19-04:00 — #4
Don't you think it would be useful to know when Members log in and log out?
Or what pages they visit?
Or other things that Members do?
force — 2013-10-08T22:53:45-04:00 — #5
If you're talking forensically just to have a record of what's happening, I've been keeping track of logins/logouts, when records are deleted, when new ones are added, and when they are edited (and by whom).
For example, I might use a blurb like this: user ID 5 (Force) deleted user ID 12 (testuser)
doubledee — 2013-10-08T23:23:27-04:00 — #6
So you support the idea of logging...
cups — 2013-10-09T03:09:18-04:00 — #7
Using the word "forensics" suggests you will be going back looking for evidence of crime.
Define why you are logging things and then you will have a better idea of what to log.
The danger of logging everything just because you can is that you end up with log files so huge that they obfuscate important data because of their very size.
You can log to numerous different files, so make sure you name these files very carefully otherwise you will forget what each one is for.
Consider using a proper logging library (PEAR::Log, ZF logging) because then you end up with just single lines of code that you have granular control over at runtime - allowing you to switch logging on and off up set the level of log up or down.
There is another source of logging you should remember is available and that is your database log. There are plenty of options there. General log might be of interest, but could slow you db server.
I just came off a project using SOAP to connect 5 different servers and logging was the only way to figure out what was happening.hence the importance of granular control, ease of access, naming conventions and relevance of data are fresh in my mind.
Don't forget you can also log to a db, sqlite is ideal for this kind of thing (I created an Sqlite driver for PEAR::Log if anyone wants it, shout out).
Once your logging is set up and if you are logging to files, then an hour spent reading about logrotate would be good.
patche — 2013-10-09T06:38:25-04:00 — #8
Not to mention logging can also slow down your site; it's one extra query for every action that you log.
force — 2013-10-09T10:33:20-04:00 — #9
For the system I described, it handles personal information, so it's a good way to audit who has access to the information.
For just a general website or blog, it's probably not necessary.