Proofpoint Platform
Apache License 2.0

Add API for JSON log output #355

Closed chort closed 9 years ago

chort commented 10 years ago

To enable easier analysis in third-party tools, such as Splunk and Logstash, it would be very valuable to support JSON log output. As I understand it, that would require an API change (or addition) to Platform logging in order to: output timestamp as a JSON key/value, and receive key/value pairs from applications.

JSON log output is extremely helpful when analyzing logs, because analysts do not need to build complex REGEXs from reverse-engineering logs. Over time, as subtle log format changes happen, these REGEXs need to be tweaked and updated, which creates a huge load on log analysts and allows events to fall through the cracks.

JSON log output enables analysts to rapidly build alerts and reports for applications, to maximize visibility into performance and security of applications.
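The following is an added example, not part of the original comment and not Platform code: it runs a failed-login detection over constructed log lines to show how a regex built from one text layout silently misses an event after a small format change, while selection by JSON key does not. The log layouts, the JSON key names (`timestamp`, `level`, `thread`, `logger`, `message`, `user`, `ip`) and the function names are assumptions made for illustration.

```python
import json
import re

# Constructed sample lines (not real Platform output). The second text line
# reflects a subtle format change: a thread name was added after the level.
TEXT_LINES = [
    "2015-03-01T10:00:00.000Z WARN auth.Login Failed login user=alice ip=10.0.0.5",
    "2015-03-02T10:00:00.000Z WARN [http-worker-3] auth.Login Failed login user=bob ip=10.0.0.9",
]
# The same two events as JSON; the second also carries the new "thread" key.
JSON_LINES = [
    '{"timestamp":"2015-03-01T10:00:00.000Z","level":"WARN","logger":"auth.Login",'
    '"message":"Failed login","user":"alice","ip":"10.0.0.5"}',
    '{"timestamp":"2015-03-02T10:00:00.000Z","level":"WARN","thread":"http-worker-3",'
    '"logger":"auth.Login","message":"Failed login","user":"bob","ip":"10.0.0.9"}',
]

# Regex reverse-engineered from the first line's layout only.
FAILED_LOGIN_RE = re.compile(
    r"^(?P<timestamp>\S+) (?P<level>[A-Z]+) (?P<logger>[\w.]+) "
    r"Failed login user=(?P<user>\S+) ip=(?P<ip>\S+)$"
)

def failed_logins_from_text(lines):
    """Return (events, unparsed). Lines the regex misses produce no event;
    a pipeline that does not track them loses those events silently."""
    events, unparsed = [], []
    for line in lines:
        m = FAILED_LOGIN_RE.match(line)
        if m:
            events.append(m.groupdict())
        else:
            unparsed.append(line)
    return events, unparsed

def failed_logins_from_json(lines):
    """Return (events, malformed). Selection is by key, so extra keys such
    as "thread" do not affect the match."""
    events, malformed = [], []
    for line in lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            malformed.append(line)
            continue
        if isinstance(record, dict) and record.get("message") == "Failed login":
            events.append({k: record.get(k) for k in ("timestamp", "user", "ip")})
    return events, malformed
```

Counting the `unparsed` and `malformed` lists per source gives an early signal that a log format has drifted away from what the detection expects.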

johngmyers commented 9 years ago

Third-party libraries log in whatever plain text format they choose, and we need that information in the primary launcher.log.

A separate, special-purpose log could be defined as being in JSON. We would need requirements for that specific new type of log.