Re: [HACKERS] RFC: Industrial-strength logging (long message) - Mailing list pgsql-hackers
From | Tom Lane |
---|---|
Subject | Re: [HACKERS] RFC: Industrial-strength logging (long message) |
Date | |
Msg-id | 1734.940699505@sss.pgh.pa.us Whole thread Raw |
In response to | RFC: Industrial-strength logging (long message) (Tim Holloway <mtsinc@southeast.net>) |
Responses |
Re: [ADMIN] Re: [HACKERS] RFC: Industrial-strength logging (long message)
("Aaron J. Seigo" <aaron@gtv.ca>)
|
List | pgsql-hackers |
Tim Holloway <mtsinc@southeast.net> writes: > Request For Comments: Towards an industrial-strength > logging facility Sounds pretty good overall. > This depends. I like a console-style listing, as my needs are > simple. Others would prefer that the log be itself a database. Note that logging into a table is harder than you might think. For example: (1) The postmaster cannot touch tables at all, so no events detected in the postmaster could be logged that way. (2) No events detected during a transaction that ultimately aborts will be successfully logged. (3) Logging events such as "server failure" would be quite risky --- if the server has suffered internal state corruption then it could manage to corrupt the log table entirely while it's trying to add its last-dying-breath report. Fortunately none of these problems apply to stderr, syslog, or plain-text-file reporting channels. > There are 3 types of information in the logging > configuration file (which may, but likely won't, be part of > pg_hba.conf) No, it should definitely not be part of pg_hba.conf, it should be a separate configuration file. (pg_hba.conf has a syntax too simple to be easily extensible.) Another possibility is to keep the config info in a system table, but that would have a number of drawbacks (the postmaster cannot read tables, nor can a backend that's just starting up and hasn't finished initialization). On the whole, a plain text file in the database directory is probably the best bet. > Logging info is read at startup. There may > exist signals that cause it to be reread, but not just yet. There MUST exist a way to alter the logging level on-the-fly; IMHO this is a rock bottom, non negotiable requirement. A production system can't restart the postmaster just to tweak the logging level up or down for investigation of a problem. Whether it's a signal or something else remains to be determined. We have pretty nearly used up all the available signal numbers :-(. I suppose that whichever signal is currently used to trigger rereading of the pg_options configuration file could also trigger re-reading of the logging config file. > To avoid potential loss > of critical info, any message not explicitly routed at least > once gets reported on the default channel - stderr/syslog, > unless otherwise configured. Hmm, so I'd have to explicitly discard every message I didn't want to hear about? I think that "forced display" like this should only happen for high-severity messages, not for routine junk. There doesn't seem to be any notion of message importance in your design, but I think there should be. Most people would probably prefer to filter on an importance level, only occasionally resorting to calling out specific message types. > Especially of interest is what the shape of the config file should be. > Is the the pseudo-HTML format shown good? You could do worse than to borrow BIND's syntax for log control. regards, tom lane
pgsql-hackers by date: