Re: Certbot excessive logging

To: Saint Germain <saintger@gmail.com>, debian-backports@lists.debian.org
Subject: Re: Certbot excessive logging
From: Christian Seiler <christian@iwakd.de>
Date: Tue, 14 Feb 2017 15:26:39 +0100
Message-id: <[🔎] 2fd2eed3-c2d7-d0c0-9e2d-c4cffc303e37@iwakd.de>
In-reply-to: <[🔎] 20170212223503.425b6ebb@system>
References: <[🔎] 20170211093432.46c23f43@system> <[🔎] 3cde5ae5-0a64-1228-1e10-8e2b77e8f04f@peterpall.de> <[🔎] 20170211193541.mg3746r77sygr6ei@perpetual.pseudorandom.co.uk> <[🔎] 13D54EA4-6BA7-4A83-B60B-FA2ED4F315F9@gmail.com> <[🔎] 3c77dd81-ae81-c662-6229-8eb0eeddae85@iwakd.de> <[🔎] 20170212223503.425b6ebb@system>

On 02/12/2017 10:35 PM, Saint Germain wrote:
> But perhaps indeed I should log everything and filter it only for
> monitoring purpose.

Well, if you lower the log level to 'debug' then you'll log way too
much, so you'll have to strike a balance.

> In my limited experience however, when there was a problem, I often
> managed to quickly isolate it and to activate the relevant debug
> logging and reproduce the bug/problem.
> 
> With your example for instance (cron syslog message), could you provide
> some rational to let it log such messages for years after being set up ?

Well, you don't have to keep your logs for years. ;-)

The point is: if you have a problem that's easily reproducible,
then of course it works to temporarily increase the log level. But
if something goes really wrong _once_, the less messages you have
available after the fact the more difficult it is to figure out
the problem retroactively (and figure out if that's something
you'll need to worry about in the future).

Of course, completely enabling debug logging all the time is also
not a solution, as that will produce just too much data (waste of
storage and makes it much harder to sift through it) - so one has
to strike some kind of balance here.

And when you think about stuff that can go wrong: which services
are being started / stopped at a given time is a very useful
information to have in retrospect when trying to figure out a
problem that happened. So these systemd messages are very useful
to keep around in my opinion - even if you don't want to see them
via e.g. logcheck.

> Another reason was that I used to manage a system with the OS on a
> standard hard drive. Most of the type the system was idle and not doing
> anything. However info-level logging (like cron) kept the hard drive to
> go on standby. So I deactivated such logs (I didn't want to create a
> tmpfs drive for /var/log, this is a hot topic which has been previously
> debated to no end).

You could install laptop-mode-tools and increase the time interval
of drive spinups.

You could log info messages only to tmpfs (but higher priority
messages directly to disk) and rotate the more detailed log once
daily to the disk, so that will only spin up your disk every 24h
because of logs.

You could plug in a small USB stick and store the logs there, that
doesn't use that much power and it doesn't produce noise.

All of these have up and downsides, but they are a few suggestions
you could look into.

Hope that gives you a bit of food for thought.

Regards,
Christian

Reply to:

References:
- Certbot excessive logging
  - From: Saint Germain <saintger@gmail.com>
- Re: Certbot excessive logging
  - From: Gunter Königsmann <gunter@peterpall.de>
- Re: Certbot excessive logging
  - From: Simon McVittie <smcv@debian.org>
- Re: Certbot excessive logging
  - From: SaintGermain <saintger@gmail.com>
- Re: Certbot excessive logging
  - From: Christian Seiler <christian@iwakd.de>
- Re: Certbot excessive logging
  - From: Saint Germain <saintger@gmail.com>

Prev by Date: Re: Removing tests in bpo
Next by Date: Re: Certbot excessive logging
Previous by thread: Re: Certbot excessive logging
Next by thread: Re: Re: broadcom-sta-dkms: 6.30.223.271-2~bpo8 1 build fails for linux 4.9.2-2~bpo8 1
Index(es):
- Date
- Thread