[logback-user] Feedback from using Logback in an audit component

Chad La Joie chad.lajoie at switch.ch
Tue Nov 4 09:08:04 CET 2008 

Thanks Anders.

Anders Hammar wrote:
> Hi,
> 
> Attached is a UML class diagram of the basics of the audit logger
> implementation utilizing Logback. As you can see it's not very
> complicated. What I have left out is most of the Joran configuration
> parts (you don't need to use Joran for configuration if you don't want
> to) and our extension of PatternLayoutBase (which uses a bunch of
> Converters specific to our case).
> 
> Once again, have a look at logback-access for instance and it
> shouldn't be to hard to figure out.
> 
> /Anders
> 
> On Fri, Oct 31, 2008 at 1:21 PM, Chad La Joie <chad.lajoie at switch.ch> wrote:
>> Thanks.  We use Logback for a product with modestly large deployment.  I
>> have an audit log now but I'm not entirely happy with it.  Event-based
>> log entries would be a large step in the right direction.
>>
>> Anders Hammar wrote:
>>> Hi Chad,
>>>
>>> I'm sorry to say no, my customer doesn't share code. Especially not
>>> for this component. But due to the good design of logback this was
>>> very straight forward. As I said, I used logback-core and implemented
>>> a few classes on top of this. I found looking at how things were
>>> solved in logback-classic and logback-access very helpful. I ran into
>>> a few problems when extending some classes for our specific needs, but
>>> I filed jiras regarding that and I believe it has been fixed in
>>> 0.9.10/11.
>>>
>>> What I could do is sharing some kind of UML class diagram to show the
>>> idea. I'll look at that on Monday.
>>>
>>> /Anders
>>>
>>> On Fri, Oct 31, 2008 at 9:45 AM, Chad La Joie <chad.lajoie at switch.ch> wrote:
>>>> Hey Anders,
>>>>
>>>> Do you have any code that you could share that shows how you did the
>>>> event-based audit logging vs the standard level-based?
>>>>
>>>> Anders Hammar wrote:
>>>>> I was asked by Ceki to share my successful Logback story with you all.
>>>>>
>>>>> In a former assignment for one of our customers, we implemented an
>>>>> audit component. The customer is to use this component in their
>>>>> applications to audit end-user activities.
>>>>>
>>>>> In some earlier application specific audit implementations, log4j had
>>>>> been used. However, log4j (and pretty much all existing application
>>>>> logging frameworks that I looked at) has the notion of logging levels.
>>>>> For auditing (at least in this customer's case) we have actions/events
>>>>> which have no relation between them. So, having levels of debug, info,
>>>>> warn, etc isn't right but we rather have independent events.
>>>>> When I found Logback it was kind of love at first sight, the modular
>>>>> design fitted beautifully with what we wanted and we chose Logback
>>>>> (specifically logback-core) for our actual audit logging. We based
>>>>> this choice on two factors in specific:
>>>>> 1. The possibility of log on actions/events rather than levels (as
>>>>> above described)
>>>>> 2. The possiblity of having several independently configured logback
>>>>> instances. (This is not possible with log4j for instance, and as the
>>>>> customer's app server of choice uses log4j we would need to combine
>>>>> application logging and audit logging configuration - which is not
>>>>> good out of security perspective.)
>>>>>
>>>>> Also, the extensive documentation made my work easy to recommend the
>>>>> framework. As we all know, good documentation is not always the case
>>>>> in OSS. However, as mentioned on the mailing list earlier, the lack of
>>>>> a 1.0 release could have been a problem. However, Ceki's track record
>>>>> (with log4j) made me feel safe still going with Logback.
>>>>>
>>>>> As i personally strongly believe in OSS I normally participate and
>>>>> contribute to the community of the libs I use. However, working as a
>>>>> consultant I just can't be involved in everything and tend to only
>>>>> stay active as long as the assignment lasts (there are a few
>>>>> exceptions). Therefore I don't subscribe to this mailing list any
>>>>> longer, but I will monitor this thread so if you have any questions
>>>>> regarding my use case I'll be happy to answer them.
>>>>>
>>>>> /Anders
>>>>> _______________________________________________
>>>>> Logback-user mailing list
>>>>> Logback-user at qos.ch
>>>>> http://qos.ch/mailman/listinfo/logback-user
>>>> --
>>>> SWITCH
>>>> Serving Swiss Universities
>>>> --------------------------
>>>> Chad La Joie, Software Engineer, Net Services
>>>> Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
>>>> phone +41 44 268 15 75, fax +41 44 268 15 68
>>>> chad.lajoie at switch.ch, http://www.switch.ch
>>>>
>>>> _______________________________________________
>>>> Logback-user mailing list
>>>> Logback-user at qos.ch
>>>> http://qos.ch/mailman/listinfo/logback-user
>>>>
>>> _______________________________________________
>>> Logback-user mailing list
>>> Logback-user at qos.ch
>>> http://qos.ch/mailman/listinfo/logback-user
>> --
>> SWITCH
>> Serving Swiss Universities
>> --------------------------
>> Chad La Joie, Software Engineer, Net Services
>> Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
>> phone +41 44 268 15 75, fax +41 44 268 15 68
>> chad.lajoie at switch.ch, http://www.switch.ch
>>
>> _______________________________________________
>> Logback-user mailing list
>> Logback-user at qos.ch
>> http://qos.ch/mailman/listinfo/logback-user
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Logback-user mailing list
>> Logback-user at qos.ch
>> http://qos.ch/mailman/listinfo/logback-user

-- 
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad.lajoie at switch.ch, http://www.switch.ch

More information about the Logback-user mailing list