On 11 Jun 2014, at 00:33, James R. Perkins
<jperkins(a)redhat.com> wrote:
> While there wasn't a huge talk about this at the Brno meeting I know
> Heiko brought it up as part of the extended metrics. It's on some future
> product road maps as well too. I figured I might as well bring it up
> here and get opinions on it.
>
> This design proposal covers how capturing log messages. The "viewer"
> will likely be an operation that returns an object list of log record
> details. The design of how a GUI view would look/work is beyond the
> scope of this proposal.
>
> There is currently an operation to view a log file. This has several
> limitations. The file must be defined as a known file handler. There is
> also no way to filter results, e.g. errors only. If per-deployment
> logging is used, those log messages are not viewable as the files are
> not accessible.
>
> For the list of requirements I'm going to be lazy and just give the link
> the wiki page
https://community.jboss.org/wiki/LogViewerDesign.
>
> Implementation:
>
> 1) There will be a new resource on the logging subsystem resource that
> can be enabled or disabled, currently called log-collector. Probably
> some attributes, but I'm not sure what will need to be configurable at
> this point. This will likely act like a handler and be assignable only
> to loggers and not the async-handler.
>
> 2) If a deployment uses per-deployment logging then a separate
> log-collector will need to be added to the deployments log context
>
> 3) Logging profiles will also have their own log-collector.
>
> 4) The messages should be written asynchronously and to a file in some
> kind of formatted structure. The structure will likely be JSON.
>
> 5) An operation to query the messages will need to be create. This
> operation should allow the results to be filtered on various fields as
> well as limit the data set returned and allow for a starting position.
>
> 6) All operations associated with view the log should use RBAC to
> control the access.
>
> 7) Audit logs will eventually need to be viewable and queryable. This
> might be separate from the logging subsystem as it is now, but it will
> need to be done.
Something similar to what you say for the logging subsystem could probably be done to
configure and write out formatted data, so there might be an opportunity for some code
sharing. However, audit logging has extra security concerns. This should only be possible
to view for AUDITOR or SUPERUSER. Another, possibly more important, issue is that while we
do have a file handler for audit logging, I expect that anybody who takes security
seriously will configure audit logging to use the syslog handler. Then writing a copy of
the audit log to a local file becomes a security risk. I see you mention the metrics stuff
Heiko talked about in your introduction, so if the intent is to use that to write the
audit log records, that might be better (although I am not familiar with how security will
be handled there)
Okay perfect. I initially didn't even want audit logs shown, but PM
thinks they should be there and accessible.
>
> There are things like how long or how many records should we keep that
> needs to be determined. This could possibly be configurable via
> attributes on the resource.
>
> This is about all I've got at this point. I'd appreciate any feedback.
>
> --
> James R. Perkins
> JBoss by Red Hat
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/wildfly-dev
--
James R. Perkins
JBoss by Red Hat