[wildfly-dev] Design Proposal: Log Viewer

Wed Jun 11 04:45:34 EDT 2014

On 11 Jun 2014, at 00:33, James R. Perkins <jperkins at redhat.com> wrote:

> While there wasn't a huge talk about this at the Brno meeting I know 
> Heiko brought it up as part of the extended metrics. It's on some future 
> product road maps as well too. I figured I might as well bring it up 
> here and get opinions on it.
> 
> This design proposal covers how capturing log messages. The "viewer" 
> will likely be an operation that returns an object list of log record 
> details. The design of how a GUI view would look/work is beyond the 
> scope of this proposal.
> 
> There is currently an operation to view a log file. This has several 
> limitations. The file must be defined as a known file handler. There is 
> also no way to filter results, e.g. errors only. If per-deployment 
> logging is used, those log messages are not viewable as the files are 
> not accessible.
> 
> For the list of requirements I'm going to be lazy and just give the link 
> the wiki page https://community.jboss.org/wiki/LogViewerDesign.
> 
> Implementation:
> 
> 1) There will be a new resource on the logging subsystem resource that 
> can be enabled or disabled, currently called log-collector. Probably 
> some attributes, but I'm not sure what will need to be configurable at 
> this point. This will likely act like a handler and be assignable only 
> to loggers and not the async-handler.
> 
> 2) If a deployment uses per-deployment logging then a separate 
> log-collector will need to be added to the deployments log context
> 
> 3) Logging profiles will also have their own log-collector.
> 
> 4) The messages should be written asynchronously and to a file in some 
> kind of formatted structure. The structure will likely be JSON.
> 
> 5) An operation to query the messages will need to be create. This 
> operation should allow the results to be filtered on various fields as 
> well as limit the data set returned and allow for a starting position.
> 
> 6) All operations associated with view the log should use RBAC to 
> control the access.
> 
> 7) Audit logs will eventually need to be viewable and queryable. This 
> might be separate from the logging subsystem as it is now, but it will 
> need to be done.
Something similar to what you say for the logging subsystem could probably be done to configure and write out formatted data, so there might be an opportunity for some code sharing. However, audit logging has extra security concerns. This should only be possible to view for AUDITOR or SUPERUSER. Another, possibly more important, issue is that while we do have a file handler for audit logging, I expect that anybody who takes security seriously will configure audit logging to use the syslog handler. Then writing a copy of the audit log to a local file becomes a security risk. I see you mention the metrics stuff Heiko talked about in your introduction, so if the intent is to use that to write the audit log records, that might be better (although I am not familiar with how security will be handled there)

> 
> 
> There are things like how long or how many records should we keep that 
> needs to be determined. This could possibly be configurable via 
> attributes on the resource.
> 
> This is about all I've got at this point. I'd appreciate any feedback.
> 
> -- 
> James R. Perkins
> JBoss by Red Hat
> 
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev