search

AdrianHu99 / NOTES

0 stars 0 forks source link

Logging best practices for Splunk #50

Closed AdrianHu99 closed 5 years ago

AdrianHu99 commented 5 years ago

http://dev.splunk.com/view/logging/SP-CAAAFCK

AdrianHu99 commented 5 years ago

Use clear key-value pairs key1=value1, key2=value2, key3=value3 . . .

AdrianHu99 commented 5 years ago

Use unique identifiers (IDs)

AdrianHu99 commented 5 years ago

Log more than just debugging events Put semantic meaning in events to get more out of your data. Log audit trails, what users are doing, transactions, timing information, and so on. Log anything that can add value when aggregated, charted, or further analyzed. In other words, log anything that is interesting to the business.