We always give all of our best work to development. We create code we are proud to attach our name to, and then we throw it on production. When it gets to production, there are going to problems, and the first thing you are going to do is head to your logs. So why aren’t we taking more steps to have easier accessible logs?
Log management in Ruby on Rails isn’t very good out of the box. When your application starts getting any level of decent traffic, tailing the log isn’t very effective. Searching the log is even harder, and correlating data is pretty much out of the question. The good thing is that is pretty much a solved problem, so let’s review one potential solution.
With Ruby on Rails, you can easily swap our your logger. So instead of the instead of the standard Ruby logger, we’re going to swap in SyslogLogger gem from seattle.rb. Once you have either installed the gem or configured Ruby on Rails to install the gem, you can configure it in your environment.rb. (or one of your environment specific configuration files)
RAILS_DEFAULT_LOGGER = SyslogLogger.new Rails::Initializer.run do |config| ... config.logger = RAILS_DEFAULT_LOGGER end
Now Rails will send the logs to syslog. Next, you’ll want to configure syslog to send all your logs to a remote server we’ll talk about later
Make sure to restart your syslog server after making these changes.
Now why would we want to send out logs to a remote server? Because central log management is the bees knees of course.
When it comes to log management, nothing beats Splunk. Nothing. So that means we should send our logs to our Splunk server. The Splunk guides make configuring this easy, and their documentation is superb.
Now that you have Splunk configured, you should be receiving logs. The amount of options it gives you is absolutely breath taking, so I advise you to spend some time learning it.
Now if I’m doing it wrong let me know in the comments. Word.