Logging & Monitoring: Logging categories

By | February 9, 2018

A logging category is a bundle of message codes which describe a function of a process, a method, a flow, or a use case.

Each category has:

  • Name – A descriptive name
  • Type – Audit, Accounting, or Diagnostics
  • Attribute list – A list of attributes that might be logged with messages associated with a category (if applicable)

The categories are arranged in a hierarchical structure and used for logging configuration.

Logging categories help describe the content of the messages that they contain.


If there is an API call which authenticates a user (username & password) then that endpoint could log entries with the following codes:

<DateTime> INFO  ... api.authentication.authenticate.started .... {"username": "user1", "correlationId": "af5b92d4-6ac6-40f1-a469-00c4b59a8ddd"}


<DateTime> INFO  ... api.authentication.authenticate.data.getviausername .... {"username": "user1", "correlationId": "af5b92d4-6ac6-40f1-a469-00c4b59a8ddd"}


<DateTime> INFO  ... api.authentication.authenticate.validate.... {"username": "user1", "correlationId": "af5b92d4-6ac6-40f1-a469-00c4b59a8ddd"}


<DateTime> INFO  ... api.authentication.authenticate.validate.success .... {"username": "user1", "correlationId": "af5b92d4-6ac6-40f1-a469-00c4b59a8ddd"}


<DateTime> INFO  ... api.authentication.authenticate.checkPasswordExpiry .... {"username": "user1", "correlationId": "af5b92d4-6ac6-40f1-a469-00c4b59a8ddd"}


<DateTime> INFO  ... api.authentication.authenticate.finished.... {"username": "user1", "correlationId": "af5b92d4-6ac6-40f1-a469-00c4b59a8ddd", "elapsedMilliseconds": 39.0049}

The hierarchical structure of the category codes in the log entries would allow operations to create alerts, set up alerts by just specifying the configuration of the categories.

To see all logs for the authentication API you would search using code api.authentication.

To see logs for the authenticate call, you would search using api.authentication.authenticate

To see all requests to the authenticate endpoint, you would use api.authentication.authenticate.started

To provide a report of all the failed authentication vs successful attempts you would run a report using the following code: api.authentication.authenticate.validate.failed and api.authentication.authenticate.validate.success

Leave a Reply

Your email address will not be published. Required fields are marked *