Versions Compared

Old Version 3

changes.mady.by.user Luke Parker

Saved on

compared with

New Version 4

changes.mady.by.user Luke Parker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

An important aspect of this is analytics, which requires tracing of requests between components. In a large, distributed system such as ONAP this is critical to understanding behavior and performance. 

...

Messages, Levels, Components and Categories

It isn't really the the purpose aim of this document to reiterate the basics, so advice here is general: 

  • Use a logger. Consider using EELF. 
  • Write log messages in English.
  • Write meaningful messages. Consider what will be useful to consumers of logger output. 
  • Use errorcodes to characterise exceptions.
  • Log Write at the appropriate level. Be aware of the volume of logs that will be produced.
  • Log in a machine-readable format. See Conventions.
  • Log for analytics as well as troubleshooting.

...

  • All reported MDCs are logged with both name AND value. Logging output should not treat any MDCs as special.
  • All MDC names and values are escaped.

Escaping in Logback configuration can be achieved with:

Code Block
languagetext
linenumberstrue
%replace(%replace(%mdc){'\t','\\\\t'}){'\n','\\\\n'}

...

  • It's only a few calls. 
  • It can probably be largely abstracted in the case of EELF logging.

TODO: code.

MDCs -

...

the Rest

Other MDCs are logged in a wide range of contexts.

Certain MDCs and their semantics may be specific to EELF log types.

TODO: cross-reference EELF output to v1 doc.

MDCDescriptionRequiredEELF Audit

EELF Metric

EELF Error

EELF Debug

BeginTimestamp

Date-time that processing activities being logged begins. The value should be represented in UTC and formatted per ISO 8601, such as “2015-06-03T13:21:58+00:00”. The time should be shown with the maximum resolution available to the logging component (e.g., milliseconds, microseconds) by including the appropriate number of decimal digits. For example, when millisecond precision is available, the date-time value would be presented as, as “2015-06-03T13:21:58.340+00:00”.

Y



EndTimestamp

Date-time that processing for the request or event being logged ends. Formatting rules are the same as for the BeginTimestamp field above.

In the case of a request that merely logs an event and has not subsequent processing, the EndTimestamp value may equal the BeginTimestamp value.

Y



ElapsedTime

This field contains the elapsed time to complete processing of an API call or transaction request (e.g., processing of a message that was received). This value should be the difference between. EndTimestamp and BeginTimestamp fields and must be expressed in milliseconds.

Y



ServiceInstanceID

This field is optional and should only be included if the information is readily available to the logging component.

Transaction requests that create or operate on a particular instance of a service/resource can
identify/reference it via a unique “serviceInstanceID” value. This value can be used as a primary key for
obtaining or updating additional detailed data about that specific service instance from the inventory
(e.g., AAI). In other words:

  • In the case of processing/logging a transaction request for creating a new service instance, the serviceInstanceID value is determined by either a) the MSO client and passed to MSO or b) by MSO itself upon receipt of a such a request.
  • In other cases, the serviceInstanceID value can be used to reference a specific instance of a service as would happen in a “MACD”-type request.
  • ServiceInstanceID is associated with a requestID in log records to facilitate tracing its processing over multiple requests and for a specific service instance. Its value may be left “empty” in subsequent record to the 1 st record where a requestID value is associated with the serviceInstanceID value.

NOTE: AAI won’t have a serviceInstanceUUID for every service instance. For example, no serviceInstanceUUID is available when the request is coming from an application that may import inventory data.






VirtualServerNamePhysical/virtual server name. Optional: empty if determined that its value can be added by the agent that collects the log files collecting.




ServiceName

For Audit log records that capture API requests, this field contains the name of the API invoked at the component creating the record (e.g., Layer3ServiceActivateRequest).

For Audit log records that capture processing as a result of receipt of a message, this field should contain the name of the module that processes the message.






PartnerNameThis field contains the name of the client application user agent or user invoking the API if known.




StatusCode

This field indicates the high level status of the request. It must have the value COMPLETE when the request is successful and ERROR when there is a failure.






ResponseCode

This field contains application-specific error codes. For consistency, common error categorizations should be used.






ResponseDescription

This field contains a human readable description of the ResponseCode.






InstanceUUID

If known, this field contains a universally unique identifier used to differentiate between multiple instances of the same (named) log writing service/application. Its value is set at instance creation time (and read by it, e.g., at start/initialization time from the environment). This value should be picked up by the component instance from its configuration file and subsequently used to enable differentiation of log records created by multiple, locally load balanced ONAP component or subcomponent instances that are otherwise identically configured.






SeverityOptional: 0, 1, 2, 3 see Nagios monitoring/alerting for specifics/details.




TargetEntity

It contains the name of the ONAP component or sub-component, or external entity, at which the operation activities captured in this metrics log record is invoked.

Y



TargetServiceNameIt contains the name of the API or operation activities invoked at the TargetEntity.Y



Server

This field contains the Virtual Machine (VM) Fully Qualified Domain Name (FQDN) if the server is virtualized. Otherwise, it contains the host name of the logging component.






ServerIPAddress

This field contains the logging component host server’s IP address if known (e.g. Jetty container’s listening IP address). Otherwise it is empty.






ServerFQDNUnclear, but possibly duplicating one or both of Server and ServerIPAddress.




ClientIPAddress

This field contains the requesting remote client application’s IP address if known. Otherwise this field can be empty.






ProcessKey

This field can be used to capture the flow of a transaction through the system by indicating the components and operations involved in processing. If present, it can be denoted by a comma separated list of components and applications.






RemoteHostUnknown.




AlertSeverityUnknown.




TargetVirtualEntityUnknown




ClassNameDefunct. Doesn't require an MDC.




ThreadIDDefunct. Doesn't require an MDC.




CustomField1(Defunct now that MDCs are serialized as NVPs.)




CustomField2(Defunct now that MDCs are serialized as NVPs.)




CustomField3(Defunct now that MDCs are serialized as NVPs.)




CustomField4(Defunct now that MDCs are serialized as NVPs.)




...

Marker names also need to be escaped, though they're much less likely to contain problematic characters than MDC values.

In LogbackEscaping in Logback configuration can be achieved with:

Code Block
languagetext
linenumberstrue
%replace(%replace(%marker){'\t','\\\\t'}){'\n','\\\\n'}

...

This should be reported by the caller of another ONAP component via REST, including a newly allocated InvocationID, which will be passed to the caller. 

TODO: EELF, without changing published APIs.

Marker - SYNCHRONOUS

This should accompany INVOKE when the invocation is synchronous.

TODO: EELF, without changing published APIs. 

Conventions

Output Format

Several considerations:

Errorcodes

Errorcodes are reported as MDCs. 

Exceptions should be accompanied by an errrorcode. Typically this means incorporating errorcodes into your exception hierarchy and error handling. ONAP components generally do not share this kind of code. 

Output Format

Several considerations:

  1. Logs should be human-readable (within reasonLogs should be human-readable (within reason). 
  2. Shipper and indexing performance and durability depends on logs that can be parsed quickly and reliably.
  3. Consistency means fewer shipping and indexing rules are required.

...

Configuration archetypes can easily be found in the ONAP codebase. Choose according to your provider, and whether you're logging via EELF. Efforts to standardize them are underway, so the ones you should be looking for are where tab is used as a separator. (Previously it was "|").

Retention

Logfiles are often large. Logging providers allow retention policies to be configured. 

Retention has to balance:

...

  1. Files <= 50MB before rollover. 
  2. Files retain for 30 days. 
  3. Total files capped at 10GB. 

In logback Logback configuration XML:

Code Block
languagexml
linenumberstrue
<property<appender name="queueSize" value="256"/>
<property name="maxFileSize" value="50MB"/>
<property name="maxHistory" value="30"/>
<property name="totalSizeCap" value="10GB"/>

<appender name="file" class="ch.qos.logback.core.rolling.RollingFileAppender">
    <file>${outputDirectory}/${outputFilename}.log</file>
    <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
        <fileNamePattern>${outputDirectory}/${outputFilename}.%d{yyyy-MM-dd}.%i.log.zip</fileNamePattern>
        <maxFileSize>${maxFileSize}<<maxFileSize>50MB</maxFileSize>
        <maxHistory>${maxHistory}<<maxHistory>30</maxHistory>
        <totalSizeCap>${totalSizeCap}<<totalSizeCap>10GB</totalSizeCap>
    </rollingPolicy>
    <encoder>
        <charset>UTF-8</charset>
        <pattern>${defaultPattern}</pattern><!-- ... -->
    </encoder>
</appender>

Types of EELF Logs

...