What should I log?

[Wardrop]

I'm after a bit of input from some of you guys. What sort of data should I log? What data should I add or remove from my current list...

• The type of event (failed login, account modification.etc)
• Date
• Time
• Client IP Address
• Proxy IP Address
• Client Agent and Operating System Details
• HTTP Referrer
• Event type specific information. For example, a log entry for a failed login attempt would store the username and password used for that login attempt.

I already know what to log, and that's things such as failed and successful login, customer account modifications including password changes (password changes will be logged separately).etc. I'll be storing the logs in both a database table and text file. This ensures redundancy and flexibility.

I'll be writing a function which will automatically generate most the event data and write it to both the file and the database.

Any suggestions? Am I on the right track here. I've never implemented a logging system before. What order should the event data be in (in the text file). Should the event type come first, or the date and time?

Cheers!

[Wardrop]

any tips at all?

[RDFrame]

I think you pretty much got 'er

I personally wouldn't bother writing the information to a text file, but if it makes you happier, why not. The only thing I can maybe suggest is add detailed logging of EVERY page the member viewed during the session. My clients usually want this, as it helps them provide customer support. When a member contacts them for help, they can see the exact path the member took, and exactly what pages they viewed.

Oh, and maybe a cron job that automatically deletes / archives sessions older than say 6 or 12 months. Will help keep the application running quickly.

[Wardrop]

Thanks for the reply. I probably wouldn't go the cronjob route, but instead I'll just include a log maintenance area as part of the maintenaince section of the admin control panel.