Comments on: Logging microformats

by: The mass amateurisation of everything, in code at Suttree, Elixir for Immortal Baboon

Tue, 07 Mar 2006 15:05:30 +0000

[…] Turning log files into JSON formatted code to be eval’ed by a Python script (how insecure is that!). Again, do it in PHP and you be laughed at, deservedly. […]

by: Masklinn

Mon, 20 Feb 2006 14:23:35 +0000

Jochem wrote Why not directly log to XML?

Because it doesn't have any advantage over using dicts, is completely unreadable to most human beings, is extremely verbose, and requires specific packages/programs to be parsed?

by: Maciej

Thu, 22 Dec 2005 23:08:20 +0000

wrap logging into function:

def log(**kw):
    print >> logfile, kw

and use it like this:

log(state='failed-to-parse', strange_data=data, time=time.ctime())

by: Mike

Tue, 20 Dec 2005 22:33:12 +0000

Good to see someone else doing this... serialized dicts have been my logging format for years! It's just so easy to add lines in your code like:


if not parseData(data):
  print >> logfile, {'state' : 'failed-to-parse', 'strange-data' : data,
                     'time' : time.ctime() }

Python's serializing code ensures that I'll only get one record per line, regardless of what binary garbage is in the 'data'. And processing existing logs is as easy as grep or:


for line in file('logfile'):
   rec = eval( line.rstrip() )
   if rec['state'] == 'failed-to-parse':
      lookOver( rec['strange-data'] )

Granted, there are security problems if you eval someone else's data, but for logs you generate, this is as easy & powerful as it gets.

by: Wade Leftwich

Tue, 20 Dec 2005 22:17:20 +0000

How about JSON for an eval’able microformat that’s a bit safer? I’ve been doing something similar to the O.P. for a while, saving a web request as str(dict) (and storing it in a db text field). Recently switched over to reading & writing it with json-py.

by: Bill de hÓra

Tue, 20 Dec 2005 13:40:53 +0000

"Why not directly log to XML? "

Jochem: grep.

by: Jochem

Tue, 20 Dec 2005 11:20:36 +0000

Why not directly log to XML? And when the file is closed, to writeout the closing root element. Using (c)ElementTree or any other XML parser to parse the loglines later.

by: Paul

Thu, 15 Dec 2005 21:17:49 +0000

I was going to post the same thing -- q.v. August's AWStats hole, which involved Perl code injected into log lines (via referrer) to be subsequently ingested, and inadvertently executed, by an eval() call in AWStats.

by: Bill de hOra

Wed, 14 Dec 2005 16:42:56 +0000

Les, oh sure; v2 will have a ’strict’ mode ;)

by: l.m.orchard

Wed, 14 Dec 2005 16:36:43 +0000

Of course... if you're going to eval log lines, make sure no end-user is able to drop a payload of their own in there. But other than that, neat trick!