Planning Your Log Collection

Ask about this page
Perplexity
Grok

The whole process of setting up observability for your organization can seem like a daunting task. I've found that it’s best to start small and from a place that allows you to see the most value as easily and quickly as possible. In that light, logging is the best place to start!

When it comes to setting up logging, it helps tremendously to have a project plan to organize your approach. From there, you can break tasks up into stories with appropriate pointing based on the complexity. A well-thought-out plan can help clarify where you are in the process, where you want to be, and the specific steps that you need to take to set up logging.

If you begin by documenting your current concerns and noting how you can address them with logging, you can ensure that this knowledge isn't just captured by one person, but also shared with others. Documenting will reduce the risk of having a single point of failure when it comes to planning how you should approach your log collection.

Organizing What's Important in Your Logging Strategy

A good place to start is with a problem statement. This will ensure that everyone understands why logging is so important for your systems and applications and what needs to improve about your existing strategy. A few questions that can help get you started include:

  • What are the blind spots in the observability of your systems and applications? 
  • Could monitors be created by gathering these logs?
  • Could logging help monitor an internal SLO for any of your current SLAs? 

Starting with questions like these can help spark ideas and increase awareness among team members and stakeholders as to why logging is so critical for maintaining healthy systems and applications. 

You’ll soon realize that if you don’t take advantage of logging, you won’t be able to operate as efficiently and effectively as you would like due to your lack of visibility. Logging can easily improve the stability and reliability of your platform because it will allow you to glean data-driven insights from your logs. 

Without logging, your engineering teams may also find it difficult to collaborate with one another in order to solve problems. For example, your engineers might be going through many steps to view your Kubernetes logs when an issue occurs, or they might be going through the application’s stack trace to try to grep out all of the errors. Not only does this method take a lot of time, it can be an ineffective way to try to link issues together, making it difficult to identify the root cause. If this is a concern for your teams, include them in creating the problem statement and have them work together to create a new logging strategy. 

Defining Scope

By defining the scope of the project, you’ll ensure that everyone involved is on the same page. Once your teams have decided what logs are important to aggregate and what information you need to capture from them, you can define the scope of work and set metrics for success. You should break things down into:

  • Must-Haves: These are things that you need in order for the project to be successful. For example, a must-have for you may be to set up logging using Mezmo, formerly known as LogDNA, for each customer account in your organization.
  • Stretch Goals: These are things that might be good to add to the project if there is time before the deadline. For example, a stretch goal for you may be to store archived logs in an AWS s3 bucket for future use or to set up monitors based on log data collected to alert when problems arise.
  • Not in Scope: This is anything seemingly related to logging that might not have a direct impact on the success of the project. For example, something that's not in scope may be setting up APM for each account that has logging.

Prioritizing Your Logging Strategy

After your plan for logging has been scoped out, the next step is to prioritize your list of items to make sure that the most urgent items are completed first. This can be done by tagging each element with a P1, P2, or P3 to note its priority level. If you aren’t familiar with this system, the levels are: 

  • P1 – High priority: Without these logs, you’ll incur many hours of tech debt trying to resolve common issues, such as ones related to server health and security. For example, if you properly log requests for the NGINX server on which your application runs, you’ll be able to gather information about the latency of each request. In addition, data obtained can be used to gauge customer satisfaction and also used to track your SLAs. 
  • P2 – Medium Priority: These tasks are impacting engineers and possibly users, but there are workarounds in place. In other words, there is no fire to put out – yet.
  • P3 – Low Priority: These would be nice to have, but they aren’t crucial. For example, it would be handy to have logging for internal systems like GitHub. (You can learn more about that at: https://docs.mezmo.com/docs/github-events.)

Conclusion: Rolling Out Your Logging Plan to Have Logs for Days


Finally, after strategizing and creating a plan that fits the needs of your organization, you’ll need to start rolling out your logging solution. Luckily, Mezmo makes getting started super easy! Docs will show you how to ingest logs into the Mezmo platform and create your own parsing rules. Using integrations, which are very easy to set up, you can start getting logs in as little as two minutes. You can find the guide at https://docs.mezmo.com/docs.

Table of contents

    More articles

    How to Reduce Log Volume Without Losing Visibility
    How to Reduce Log Volume Without Losing Visibility
    Log Management
    What Is Log Rehydration? Understanding the Process and Benefits
    What Is Log Rehydration? Understanding the Process and Benefits
    Log Management
    Log Metrics: What are they? How can they be used? What insights can be garnered at scale?
    Log Metrics: What are they? How can they be used? What insights can be garnered at scale?
    Log Management
    What is MultiCloud Monitoring & Management?
    What is MultiCloud Monitoring & Management?
    Log Management
    Live Tail: What It Is, Why It’s Useful, How To Use It
    Live Tail: What It Is, Why It’s Useful, How To Use It
    Log Management
    Log Data: What it is and why it matters
    Log Data: What it is and why it matters
    Log Management
    Istio Logging 101
    Istio Logging 101
    Log Management
    How to Use JSON Logs
    How to Use JSON Logs
    Log Management
    Understanding and Leveraging AWS Cloudwatch Logs
    Understanding and Leveraging AWS Cloudwatch Logs
    Log Management
    What Is a Tail Log?
    What Is a Tail Log?
    Log Management
    How to Use S3 Access Logs
    How to Use S3 Access Logs
    Log Management
    Benefits of Data Logging
    Benefits of Data Logging
    Log Management
    What is Real-time Log Monitoring?
    What is Real-time Log Monitoring?
    Log Management
    Managing Digital Compliance During Digital Transformation
    Managing Digital Compliance During Digital Transformation
    Log Management
    A Comprehensive Guide to Kubernetes Monitoring Tools
    A Comprehensive Guide to Kubernetes Monitoring Tools
    Log Management
    The Role of Infrastructure Monitoring in DevOps
    The Role of Infrastructure Monitoring in DevOps
    Log Management
    5 Practical Ways to Build a Secure CI/CD Pipeline
    5 Practical Ways to Build a Secure CI/CD Pipeline
    Log Management
    Why and How to Analyze Deployment Health Through CI/CD Logs
    Why and How to Analyze Deployment Health Through CI/CD Logs
    Log Management
    What is Application Lifecycle Management
    What is Application Lifecycle Management
    Log Management
    What Is A Real-Time Dashboard?
    What Is A Real-Time Dashboard?
    Log Management
    Log Indexing and Rotation for Optimized Archival
    Log Indexing and Rotation for Optimized Archival
    Log Management
    What is Log Rotation? How Does it Work?
    What is Log Rotation? How Does it Work?
    Log Management
    Logging for Application Security
    Logging for Application Security
    Log Management
    How Do You Manage Logs?
    How Do You Manage Logs?
    Log Management
    How Custom Parsing Can Boost Developer Productivity
    How Custom Parsing Can Boost Developer Productivity
    Log Management
    7 Best Practices for Log Management and Analytics
    7 Best Practices for Log Management and Analytics
    Log Management
    Enhancing Communication Across Your Teams With Logging
    Enhancing Communication Across Your Teams With Logging
    Log Management
    Which Log Files Should Users Onboard to Build an Observability Platform?
    Which Log Files Should Users Onboard to Build an Observability Platform?
    Log Management
    What Information Does Log Aggregation Capture?
    What Information Does Log Aggregation Capture?
    Log Management
    The Key Benefits of Log Data
    The Key Benefits of Log Data
    Log Management
    Capturing the Most Critical Information Within Your Logs
    Capturing the Most Critical Information Within Your Logs
    Log Management
    The Importance of Data Privacy and Confidentiality for Log Management
    The Importance of Data Privacy and Confidentiality for Log Management
    Log Management
    SOC 2 and its Benefits
    SOC 2 and its Benefits
    Log Management
    Logging for Microservices
    Logging for Microservices
    Log Management
    System Logging Best Practices
    System Logging Best Practices
    Log Management
    Why HIPAA and Compliance Matters to Logging
    Why HIPAA and Compliance Matters to Logging
    Log Management
    Application Security and Compliance through Logging
    Application Security and Compliance through Logging
    Log Management
    Log Management Compliance for Saas Applications
    Log Management Compliance for Saas Applications
    Log Management
    What is Log Aggregation? Log Aggregation Explained
    What is Log Aggregation? Log Aggregation Explained
    Log Management
    What is Log Analysis?
    What is Log Analysis?
    Log Management
    What to Look for in a HIPAA-Compliant Log Management Tool
    What to Look for in a HIPAA-Compliant Log Management Tool
    Log Management
    What is Structured Logging?
    What is Structured Logging?
    Log Management
    Why Is Log Management Important?
    Why Is Log Management Important?
    Log Management
    Top Use Cases for Log Analysis
    Top Use Cases for Log Analysis
    Log Management