Skip to content
Personal Sign UpClinician Sign UpLog in
go to icon
Back to Tidepool Blog
Engineering

Access logging and log message aggregation

Written by
Derrick Burns
on
June 30, 2020

Every programmer has used log messages to debug problems. We do too. For logging to be useful, we must:

  1. Log the right data
  2. Aggregate and persist the data that we need long term access to

Logging the right data

We looked at the log messages generated by our services. Some services were very noisy. At this point in development, we needed the log messages for debugging. Noisy logs were impeding our progress, so we combed through each service to quiet the noisy ones. Some of our services log practically every HTTP request. Some log none. We still have much inconsistency.

Access logging

As we mentioned in our blog post on our API Gateway, our gateway logs every HTTP access to our backend. We collect several fields from the request. We also log information about the response. Here are the fields that we log, using the Envoy access logging notation:

  • %REQ(:authority)%
  • %REQ(:scheme)%
  • %REQ(:method)%
  • %REQ(:path)%
  • %REQ(authorization)%
  • %REQ(content-type)%
  • %REQ(x-tidepool-trace-request)%
  • %REQ(x-tidepool-trace-session)%
  • %REQ(x-tidepool-session-token)%
  • %REQ(x-forwarded-for)%
  • %REQ(user-agent)%
  • %REQ(referer)%
  • %DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%
  • %RESPONSE_CODE%
  • %DURATION%
  • %BYTES_RECEIVED%
  • %RESPONSE_CODE_DETAILS%
  • %REQUEST_DURATION%
  • %RESPONSE_FLAGS%
  • %START_TIME%
  • %UPSTREAM_CLUSTER%

These fields allow us to track all access to our backend back to the clients that attempt such access.

Log aggregation

Each Kubernetes container emits log messages to the standard output.

For casual debugging, we initially used the kubectl from the command line and the Kubernetes dashboard as a GUI. However, we have found k9s more to our liking.

When we need to look at logs from distinct pods, correlated over time, we use kail and stern. (Recently stern has been integrated into k9s.)

This allows quick access to recent logs. But what about access to older logs? And what about persisting access logs?

We use fluentd and fluentbit to aggregate logs and forward them to Sumologic. This addresses our long term log storage needs.

A challenge with this is that our logs can grow quite large! We have found that we must be careful when enabling debug logging to omit those logs from log aggregation entirely!

Upcoming

In our next Engineering blog post, we will discuss how we provision our Kubernetes clusters.

Stay in the Tidepool Loop

We'll keep you updated with all the need to know news and announcements for Tidepool and Tidepool Loop

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Support our work

Donate today to support Tidepool's mission to improve the lives of People with Diabetes through affordable, accessible and interoperable technologies

Donate

Stay in the Tidepool loop

Want to get the latest news and updates about Tidepool and Tidepool Loop? We promise to keep it interesting in your inbox.

Thank you for your interest in Tidepool! Check your email to complete your subscription.
Oops! Something went wrong while submitting the form. Please try again.
FacebookInstagramLinkedInYouTube
Thank you for your interest in Tidepool! Check your email to complete your subscription.
Oops! Something went wrong while submitting the form. Please try again.
Tidepool for ProvidersTidepool+
Viewing your dataHow it worksTidepool for telemedicineSupported devicesDownload our software
Tidepool LoopAutomated insulin dosingTidepool Loop interest form
ResourcesSupport documentationWebinarsDocuments and disclosuresBig Data Donation ProjectUser Research community
AboutTeamPressNewsJobsOpen source
Tidepool.org
Healthcare Professionals
"Tidepool" and the Tidepool logo are registered trademarks of Tidepool Project, a fully-qualified 501(c)(3) nonprofit organization. EIN 46-2302287 | 555 Bryant St. #429 Palo Alto, CA 94301
Terms of UsePrivacy PolicyDocumentsRelease NotesTidepool Status