Versions Compared

Old Version 5

changes.mady.by.user Luke Parker

Saved on

compared with

New Version Current

changes.mady.by.user Michael O'Brien

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

About This Document

Official R1 documentation snapshot in  https://onap.readthedocs.io/en/latest/submodules/logging-analytics.git/docs/

THIS was a DRAFT WIP for R1 - ONAP Amsterdam Release - it is deprecatedTHIS IS A DRAFT.

This document specifies logging conventions to be followed by ONAP component applications.

...

  

ONAP logging is intended to support operability, debugging and reporting on ONAP. These guidelines address:

...

Java is assumed, but conventions may also be implemented by non-Java components. 

Original ONAP Logging guidelines: https://wiki.onap.org/download/attachments/1015849/ONAP%20application%20logging%20guidelines.pdf?api=v2

Introduction

The purpose of ONAP logging is to capture information needed to operate, troubleshoot and report on the performance of the ONAP platform and its constituent components. Log records may be viewed and consumed directly by users and systems, indexed and loaded into a datastore, and used to compute metrics and generate reports. 

...

Context

TODO: more on the importance of transaction ID propagation.

MDCs

A Mapped Diagnostic Context (MDC) allows an arbitrary string-valued attribute to be attached to a Java thread. The MDC's value is then emitted with each log message.  The set of MDCs associated with a log message is serialized as unordered name-value pairs (see Text Output).

A good discussion of MDCs can be found at https://logback.qos.ch/manual/mdc.html

...

This is often referred to by other names, including "Transaction ID", and one of several (pre-standardization) REST header names including X-ECOMP-RequestID and X-ONAP-RequestID.

ONAP logging uses a universally unique "RequestID" value in log records to track the processing of each client request across all the ONAP components involved in its processing.

...

The proposed approach is that:

  • Callers:
    • Issue a new, unique InvocationID UUID for each downstream call they make. 
    • Log the intent new InvocationID, indicating the intent to invoke with :
      • With Markers INVOKE, and SYNCHRONOUS if the invocation is synchronous.
      • With their own InvocationID still set as an MDC.
    • Pass the InvocationID as an X-InvocationID REST header.
  • Invoked components:
    • Retrieve the InvocationID from REST headers upon invocation, or generate a UUID default
    • Set the InvocationID MDC.
    • Write a log entry with the Marker ENTRY. (In EELF this will be to the AUDIT log).
    • Act as per Callers in all downstream requests. 
    • Write a log entry with the Marker EXIT upon return. (In EELF this will be to the METRIC log).
    • Unset the InvocationID MDC all MDCs on exit.

That seems onerous, but:

...

TODO: cross-reference EELF output to v1 doc.

IDMDCDescriptionRequiredEELF Audit

EELF Metric

EELF Error

EELF Debug

1BeginTimestamp

Date-time that processing activities being logged begins. The value should be represented in UTC and formatted per ISO 8601, such as “2015-06-03T13:21:58+00:00”. The time should be shown with the maximum resolution available to the logging component (e.g., milliseconds, microseconds) by including the appropriate number of decimal digits. For example, when millisecond precision is available, the date-time value would be presented as, as “2015-06-03T13:21:58.340+00:00”.

Y



2EndTimestamp

Date-time that processing for the request or event being logged ends. Formatting rules are the same as for the BeginTimestamp field above.

In the case of a request that merely logs an event and has not subsequent processing, the EndTimestamp value may equal the BeginTimestamp value.

Y



3ElapsedTime

This field contains the elapsed time to complete processing of an API call or transaction request (e.g., processing of a message that was received). This value should be the difference between. EndTimestamp and BeginTimestamp fields and must be expressed in milliseconds.

Y



4ServiceInstanceID

This field is optional and should only be included if the information is readily available to the logging component.

Transaction requests that create or operate on a particular instance of a service/resource can
identify/reference it via a unique “serviceInstanceID” value. This value can be used as a primary key for
obtaining or updating additional detailed data about that specific service instance from the inventory
(e.g., AAI). In other words:

  • In the case of processing/logging a transaction request for creating a new service instance, the serviceInstanceID value is determined by either a) the MSO client and passed to MSO or b) by MSO itself upon receipt of a such a request.
  • In other cases, the serviceInstanceID value can be used to reference a specific instance of a service as would happen in a “MACD”-type request.
  • ServiceInstanceID is associated with a requestID in log records to facilitate tracing its processing over multiple requests and for a specific service instance. Its value may be left “empty” in subsequent record to the 1 st record where a requestID value is associated with the serviceInstanceID value.

NOTE: AAI won’t have a serviceInstanceUUID for every service instance. For example, no serviceInstanceUUID is available when the request is coming from an application that may import inventory data.






5VirtualServerNamePhysical/virtual server name. Optional: empty if determined that its value can be added by the agent that collects the log files collecting.




6ServiceName

For Audit log records that capture API requests, this field contains the name of the API invoked at the component creating the record (e.g., Layer3ServiceActivateRequest).

For Audit log records that capture processing as a result of receipt of a message, this field should contain the name of the module that processes the message.

Y



7PartnerNameThis field contains the name of the client application user agent or user invoking the API if known.Y



8StatusCode

This field indicates the high level status of the request. It must have the value COMPLETE when the request is successful and ERROR when there is a failure.

Y



9ResponseCode

This field contains application-specific error codes. For consistency, common error categorizations should be used.






10ResponseDescription

This field contains a human readable description of the ResponseCode.





11
11InstanceUUID

If known, this field contains a universally unique identifier used to differentiate between multiple instances of the same (named) log writing service/application. Its value is set at instance creation time (and read by it, e.g., at start/initialization time from the environment). This value should be picked up by the component instance from its configuration file and subsequently used to enable differentiation of log records created by multiple, locally load balanced ONAP component or subcomponent instances that are otherwise identically configured.






12SeverityOptional: 0, 1, 2, 3 see Nagios monitoring/alerting for specifics/details.




13TargetEntity

It contains the name of the ONAP component or sub-component, or external entity, at which the operation activities captured in this metrics log record is invoked.

Y



14TargetServiceNameIt contains the name of the API or operation activities invoked at the TargetEntity.Y



15Server

This field contains the Virtual Machine (VM) Fully Qualified Domain Name (FQDN) if the server is virtualized. Otherwise, it contains the host name of the logging component.

Y



16ServerIPAddress

This field contains the logging component host server’s IP address if known (e.g. Jetty container’s listening IP address). Otherwise it is empty.






17ServerFQDNUnclear, but possibly duplicating one or both of Server and ServerIPAddress.




18ClientIPAddress

This field contains the requesting remote client application’s IP address if known. Otherwise this field can be empty.






19ProcessKey

This field can be used to capture the flow of a transaction through the system by indicating the components and operations involved in processing. If present, it can be denoted by a comma separated list of components and applications.






20RemoteHostUnknown.




21AlertSeverityUnknown.




22TargetVirtualEntityUnknown




23ClassNameDefunct. Doesn't require an MDC.




24ThreadIDDefunct. Doesn't require an MDC.




25CustomField1(Defunct now that MDCs are serialized as NVPs.)




26CustomField2(Defunct now that MDCs are serialized as NVPs.)




27CustomField3(Defunct now that MDCs are serialized as NVPs.)




28CustomField4(Defunct now that MDCs are serialized as NVPs.)

Markers

Markers differ from MDCs in two important ways:

  1. They have a name, but no value. They are a tag. 
  2. Their scope is limited to logger calls which specifically reference them; they are not ThreadLocal

Logging






Examples

SDC-BE

20170907: audit.log

Code Block
root@ip-172-31-93-160:/dockerdata-nfs/onap/sdc/logs/SDC/SDC-BE# tail -f audit.log
2017-09-07T18:04:03.679Z|||||qtp1013423070-72297||ASDC|SDC-BE|||||||N/A|INFO||||10.42.88.30||o.o.s.v.r.s.VendorLicenseModelsImpl||ActivityType=<audit>, Desc=< --Audit-- Create VLM. VLM Name: lm4>

TODO: this is the earlier output format. Let's find an example which matches the latest line format.

Markers

Markers differ from MDCs in two important ways:

  1. They have a name, but no value. They are a tag. 
  2. Their scope is limited to logger calls which specifically reference them; they are not ThreadLocal

Logging

Via SLF4J:

Code Block
languagejava
linenumberstrue
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Marker;
import org.slf4j.MarkerFactory;
// ...
final Logger logger = LoggerFactory.getLogger(this.getClass());
final Marker marker = MarkerFactory.getMarker("MY_MARKER");
logger.warn(marker, "This warning has a 'MY_MARKER' annotation.");

EELF does not allow Markers to be set directly. See notes on the InvocationID MDC.

Serializing

Marker names also need to be escaped, though they're much less likely to contain problematic characters than MDC values.

Escaping in Logback configuration can be achieved with:

Code Block
languagetext
linenumberstrue
%replace(%replace(%marker){'\t','\\\\t'}){'\n','\\\\n'}


Marker - ENTRY

This should be reported as early in invocation as possible, immediately after setting the RequestID and InvocationID MDCs.

It can be automatically set by EELF, and written to the AUDIT log. 

It must be manually set otherwise. 

EELF:

Code Block
languagejava
titleEELF
linenumberstrue
//TODO

SLF4J:

Code Block
languagejava
titleSLF4J
linenumberstrue
public static final Marker ENTRY = MarkerFactory.getMarker("ENTRY");
// ... 
final Logger logger = LoggerFactory.getLogger(this.getClass());
logger.debug(ENTRY, "Entering.");

Marker - EXIT

This should be reported as late in invocation as possible, immediately before unsetting the RequestID and InvocationID MDCs.

It can be automatically reported by EELF, and written to the METRIC log. 

It must be manually set otherwise.

EELF:

Code Block
languagejava
titleEELF
linenumberstrue
//TODO

SLF4J:

Code Block
languagejava
titleSLF4J
linenumberstrue
public static final Marker EXIT = MarkerFactory.getMarker("EXIT");
// ... 
final Logger logger = LoggerFactory.getLogger(this.getClass());
logger.debug(EXIT, "Exiting.");

Marker - INVOKE

This should be reported by the caller of another ONAP component via REST, including a newly allocated InvocationID, which will be passed to the caller. 

SLF4J:

Code Block
languagejava
titleSLF4J
linenumberstrue
public static final Marker INVOKE = MarkerFactory.getMarker("INVOKE");
// ...

// Generate and report invocation ID. 

final String invocationID = UUID.randomUUID().toString();
MDC.put(MDC_INVOCATION_ID, invocationID);
try {
    logger.debug(INVOKE_SYNCHRONOUS, "Invoking synchronously ... ");
}
finally {
    MDC.remove(MDC_INVOCATION_ID);
}

// Pass invocationID as HTTP X-InvocationID header.

callDownstreamSystem(invocationID, ... );

TODO: EELF, without changing published APIs.

Marker - SYNCHRONOUS

This should accompany INVOKE when the invocation is synchronous.

Via SLF4J:

Code Block
languagejava
titleSLF4J
linenumberstrue
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Marker;
import org.slf4j.MarkerFactory;
// ...
final Logger logger = LoggerFactory.getLogger(this.getClass());
final Marker marker = public static final Marker INVOKE_SYNCHRONOUS;
static {
    INVOKE_SYNCHRONOUS = MarkerFactory.getMarker("INVOKE");
    INVOKE_SYNCHRONOUS.add(MarkerFactory.getMarker("MY_MARKERSYNCHRONOUS"));
logger.warn(marker, "This warning has a 'MY_MARKER' annotation.");

EELF does not allow Markers to be set directly. See notes on the InvocationID MDC.

Serializing

Marker names also need to be escaped, though they're much less likely to contain problematic characters than MDC values.

Escaping in Logback configuration can be achieved with:

Code Block
languagetext
linenumberstrue
%replace(%replace(%marker){'\t','\\\\t'}){'\n','\\\\n'}

Marker - ENTRY

This should be reported as early in invocation as possible, immediately after setting the RequestID and InvocationID MDCs.

It can be automatically set by EELF, and written to the AUDIT log. 

It must be manually set otherwise:

Marker - EXIT

This should be reported as late in invocation as possible, immediately before unsetting the RequestID and InvocationID MDCs.

It can be automatically reported by EELF, and written to the METRIC log. 

It must be manually set otherwise.

Marker - INVOKE

This should be reported by the caller of another ONAP component via REST, including a newly allocated InvocationID, which will be passed to the caller. 

TODO: EELF, without changing published APIs.

Marker - SYNCHRONOUS

...


}
// ...

// Generate and report invocation ID. 

final String invocationID = UUID.randomUUID().toString();
MDC.put(MDC_INVOCATION_ID, invocationID);
try {
    logger.debug(INVOKE_SYNCHRONOUS, "Invoking synchronously ... ");
}
finally {
    MDC.remove(MDC_INVOCATION_ID);
}

// Pass invocationID as HTTP X-InvocationID header.

callDownstreamSystem(invocationID, ... );

TODO: EELF, without changing published APIs. 

...

ONAP needs to strike a balance between human-readable and machine-readable logs. This means:

  • The use of tab as a (\t) as a delimiter.
  • Escaping all messages, exceptions, MDC values, Markers, etc. to replace tabs in their content.
  • Escaping all newlines with \n so that each entry is on one line. 

...

The output of which, with MDCs, a Marker and a nested exception, with newlines added for readability looks like:

TODO: remove tab below

Code Block
languagetext
linenumberstrue
org.onap.example.component1.subcomponent1.LogbackTest
\t2017-08-06T16:09:03.594Z
\tERROR
\tHere's an error, that's usually bad
\tkey1=value1, key2=value2 with space, key5=value5"with"quotes, key3=value3\nwith\nnewlines, key4=value4\twith\ttabs
\tjava.lang.RuntimeException: Here's Johnny
\n\tat org.onap.example.component1.subcomponent1.LogbackTest.main(LogbackTest.java:24)
\nWrapped by: java.lang.RuntimeException: Little pigs, little pigs, let me come in
\n\tat org.onap.example.component1.subcomponent1.LogbackTest.main(LogbackTest.java:27)
\tAMarker1
\tmain

...

Configuration archetypes can be found in the ONAP codebase. Choose according to your provider, and whether you're logging via EELF. Efforts to standardize them are underway, so the ones you should be looking for are where tab pipe (|) is used as a separator. (Previously it was "|").

...

  1. Conventions regarding configuration, line format and output. 
  2. Obligations regarding context propagationEnsuring the propagation of contextual information

You must:

  1. Choose a Logging provider and/or EELF. Decisions, decisions.
  2. Create a configuration file based on an existing archetype. See Configuration.
  3. Read your configuration file when your components initialize logging.
  4. Write logs to a standard location so that they can be shipped by Filebeat for indexing. See Output Location.
  5. Report transaction state:
    1. Retrieve, default and propagate RequestID.  See MDC - RequestID.
    2. At each invocation of one ONAP component by another:
      1. Initialize and propagate InvocationID.  See MDC - Invocation ID.
      2. Report INVOKE and SYNCHRONOUS markers in caller. 
      3. Report ENTRY and EXIT markers in recipient. 
  6. Write useful logs!

 They are unordered.