Making SRFI-170 less of a monster hga@xxxxxx 02 Aug 2019 08:23 UTC
Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 02 Aug 2019 12:38 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 02 Aug 2019 17:43 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster Lassi Kortela 02 Aug 2019 18:41 UTC
(missing)
Re: Amendment 1 to Making SRFI-170 less of a monster Lassi Kortela 02 Aug 2019 19:53 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 02 Aug 2019 20:00 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 02 Aug 2019 20:44 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 02 Aug 2019 21:22 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster Lassi Kortela 02 Aug 2019 21:24 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 02 Aug 2019 21:50 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 02 Aug 2019 21:28 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster Lassi Kortela 02 Aug 2019 22:02 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 09 Aug 2019 21:40 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster Lassi Kortela 09 Aug 2019 22:25 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 09 Aug 2019 22:53 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 10 Aug 2019 01:33 UTC
Unix logging systems Lassi Kortela 10 Aug 2019 08:19 UTC
Re: Unix logging systems Duy Nguyen 10 Aug 2019 11:00 UTC
Re: Unix logging systems hga@xxxxxx 10 Aug 2019 11:47 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 02 Aug 2019 20:50 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 02 Aug 2019 21:39 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster hga@xxxxxx 02 Aug 2019 22:42 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster Lassi Kortela 02 Aug 2019 22:55 UTC
Re: Amendment 1 to Making SRFI-170 less of a monster John Cowan 03 Aug 2019 02:51 UTC

Unix logging systems Lassi Kortela 10 Aug 2019 08:19 UTC

> Indeed.  I use "nohup command >output &" (you need the &) when starting
> a long-running job on a remote system, so that if the ssh connection
> falls down, "command" will continue to run, and I can consult "output"
> when I reconnect, perhaps much later.

tmux is probably the default thing to use nowadays. But yes, one-off
batch jobs like that would probably be the intended use case of nohup.

> I do want syslog, but in a separate SRFI.

I'm neutral on that. The syslog protocol is simple.

>     They should just write all their logs to stdout/stderr like normal
>     programs,
>
> Just logging to stdout/stderr is really not adequate. Syslog lets the
> application specify an arbitrary number of discrete log streams for
> different purposes, which can be shared with other copies of the
> application or indeed completely different applications.  Furthermore,
> the application need not be a daemon: it can be a batch process or an
> ordinary user program being debugged.
>
> In addition, a severity level (emergency, alert, critical error, error,
> warning, notification, information, or debugging information) is
> associated with each message sent.  The stream ID and severity, along
> with the text, are sent by a standard wire protocol to a syslog server
> (there are a large number of standards-conformant syslog servers).  Such
> servers can be anything from dumb file writers to multiplexers similar
> to daemontools, but with the above information available to assist
> selective logging, ignoring, text messaging, or what not.
>
> It's this sort of thing that makes me and others dislike djb's software:
> he thinks he can reinvent the wheel.  Sometimes he can; sometimes his
> wheel is hexagonal.

I disagree with all of that (and disagreement is fine).

The reinventions are due to specific problems with the prior wheels. In
this case, it was syslog that reinvented the wheel of using stderr for
errors; daemontools merely went back to the original wheel.

The Unix philosophy is that each program does one small thing well.
Writing errors to stderr is a textbook application of this philosophy.
Separate programs can be written to read stderr and
timestamp/route/filter/store it. The resulting system is simpler, more
reliable and more flexible than baking fancy logging separately into
every program (even if you are using a logging library). Mandating a
special logging system will never compose as well as plain old write().

Heroku has scaled this stderr system up to an entire automated server
platform with tons of customers and third-party service providers. It
works extremely well. The 12factor page (<https://12factor.net/logs>)
provides a clear overview of how this works. They also built a tool
called Foreman that simulates Heroku's scaler for local development
(it's a mini-daemontools in one process). That program collects all the
logs from its subprocesses and dumps them into the user's terminal
instead of routing into Heroku's cloud.

 From this perspective, syslog is the hexagonal wheel. It's great that
it has spawned a community of tools, but the abstraction seems inverted:
sending logs to a socket is a fundamental building block of writing logs
to files or writing them to stderr?

In fact, OpenBSD added a sendsyslog() system call (yes, in the kernel)
to make syslog more reliable. And syslogd uses a special device and
ioctl() to listen to those messages. It doesn't seem like sound design
that the architecture requires something as fancy.

Re: multiplexing log streams, many apps are moving to JSON log entries
for easier parsing (particularly for large-scale log analytics and
searches). JSON lines <http://jsonlines.org/> is a simple and effective
way to do it - each line of text is a JSON object. The object can have
any log level and stream identifiers that are useful. I don't remember
which log entry format Heroku uses, but log multiplexing fundamental to
the platform.

As for log levels, here's a thought-provoking read from Dave Cheney:
<https://dave.cheney.net/2015/11/05/lets-talk-about-logging>. He wonders
whether there should be any other log levels besides "debug" and "info".