chocolatey / choco

Chocolatey - the package manager for Windows
https://chocolatey.org
Other
10.33k stars 904 forks source link

Feature Request - Additional Control over Chocolatey logging #1384

Open Geogboe opened 7 years ago

Geogboe commented 7 years ago

Feature Request - Additional Control over Chocolatey logging

Overview

When installing a Chocolatey package there may be times when you need to control the logging behavior. Currently, some logging control has been implemented with Pass sensitive arguments to installers #948 but I'd like to submit a request for more control over logging.

What You Are Seeing?

When running choco install <application> -y verbose logs are dumped into c:\ProgramData\chocolatey\logs\chocolatey.log and c:\ProgramData\chocolatey\logs\choco.summary.log

Why does this matter?

When environment variables have been set and are being utilized by Install-ChocolateyPackage or Install-ChocolateyInstallPackage (or other Chocolatey functions) and choco install <application> -y is running, those variables will be expanded and dumped into the Chocolatey logs.

Why does this matter?

When running chocolatey commands, all logging appears to be verbose and can't be reduced.

Why does this matter?

Possible Ideas

  1. Enable a choco.exe command line parameter which disables ALL logging during that run. This is similar to the command that already exists which reduces console output.

Example:

choco.exe install <application> -y --no-log

  1. Enable a configuration option which blocks ALL logging globally or on a source level. This option could be saved in the Chocolatey config file and either modified with choco.exe config or set during the choco source add. Applications required for security purposes could thus be better hidden.

  2. Modifications to size, retention policy, and logging directives.

For instance,

First feature request Sorry in advance if this isn't the correct structure. I deleted the template blocks because they seemed to only pertain to issues.

ferventcoder commented 7 years ago

Similar to #682 and #948.

ferventcoder commented 7 years ago

@Geogboe

When environment variables have been set and are being utilized by Install-ChocolateyPackage or Install-ChocolateyInstallPackage (or other Chocolatey functions) and choco install -y is running, those variables will be expanded and dumped into the Chocolatey logs.

I'm a little confused by this. We don't expand and log environment variables by default for this very reason. Where are you seeing this?

You can turn on an optional feature that would do this, but because of the security considerations that surround this, it is turned off by default. #563 - https://github.com/chocolatey/choco/commit/fe640fb1bf95012954f02e2e4e9b2d5c8857cefe

ferventcoder commented 7 years ago

When running chocolatey commands, all logging appears to be verbose and can't be reduced.

We typically search the files for what you are looking for - and there are lots of tools out there that can help bubble only the relevant log items. It's easy to reduce the input through searching, but you can't get more verbose/debugging details if it is not in the logs, and many times that surrounding information is helpful, at least for us.

ferventcoder commented 7 years ago
  1. Enable a choco.exe command line parameter which disables ALL logging during that run. This is similar to the command that already exists which reduces console output.

I like it. We can't promise this will be in the open source edition considering it's hard to see where this would be useful for an open source user, but we definitely see a use for it in commercial editions, where features like this that make sense for organizations typically end up (even if they would later trickle down to open source).

ferventcoder commented 7 years ago
  1. Enable a configuration option which blocks ALL logging globally or on a source level. This option could be saved in the Chocolatey config file and either modified with choco.exe config or set during the choco source add. Applications required for security purposes could thus be better hidden.

Similar to the last one, definitely like this aspect.

ferventcoder commented 7 years ago
  1. Modifications to size, retention policy, and logging directives.

This is actually already filed as #890. Please continue that aspect of the conversation over there.

LawrenceIRL commented 6 years ago

Enable a choco.exe command line parameter which disables ALL logging during that run. This is similar to the command that already exists which reduces console output.

I like it. We can't promise this will be in the open source edition considering it's hard to see where this would be useful for an open source user, but we definitely see a use for it in commercial editions, where features like this that make sense for organizations typically end up (even if they would later trickle down to open source).

+1 on this feature. I could see a use for it in our environment. I'd like to set it on a per-command basis even if I can't set it globally.