Environment: VC6, NT4, Win2k, *nix?
Here is a class hierarchy designed to simplify logging of messages on a Windows platform. I should add that porting these classes to *nix is trivial, although the CEventLogAppender would obviously need to be scrapped or retasked.
My main reason for checking out log4j in the first place was that I had been told that my current method for logging was substandard. I did not believe this, of course. However, after 5 minutes of working with log4j, I knew it for the truth! So, as a matter of course, I went on a quest, looking for log4cpp. Well, the log4j site has links to two different projects.
and the other at http://log4cplus.sourceforge.net/
I checked them out and although they each have their merits, they were too complicated for my taste. It was at this point that the CLog and CLogAppender classes were born.
I decided that I wanted to create a set of logging classes with really simple, yet elegant, syntax. Something along the lines of
    CLog myCLog(source);
    myCLog.writeLog(debuglevel, message);
Well, as it turns out, it's not quite that easy, but it's close.
How it works
The core concept for understanding the CLog hierarchy is the idea of severity. Log messages are given a severity at the time they are created. Log appenders are given a severity threshold at the time they are created. Then, when a message is sent with a severity at or above the appender's threshold, the message is logged.
This can be expressed more concisely as follows:
A message with severity x is written to a log appender with threshold y if x >= y.
Severity and threshold values are ordered as follows:
debug < info < warn < error < fatal
- debug: detailed programmatic informational messages used as an aid in troubleshooting problems by programmers
- info: brief informative messages to use as an aid in troubleshooting problems by production support and programmers
- warn: messages intended to notify help desk, production support and programmers of possible issues with respect to the running application
- error: messages that detail a programmatic error; these are typically messages intended for help desk, production support, programmers and occasionally users
- fatal: severe messages that are programmatic violations that will usually result in application failure. These messages are intended for help desk, production support, programmers and possibly users
What all this gobbledegook means is that you, as the programmer, have the duty to create meaningful messages and assign them the proper severity. If you are good at this, you will reap the benefit of incredibly informative logs with a standardized look and feel, making everyone's life easier.
This set of classes consists of a number of files; I will lay them out here for your perusal with a brief description.
- contains a number of useful helper data structures
- the main CLog Class Definition
- the abstract CLogAppender Class Definition that the specific log appenders are derived from
- the specific Console log appender class definition
- the specific File log appender class definition
- the specific Event log appender class definition
- contains a number of useful helper data structures
- the main CLog Class Implementation
- the abstract CLogAppender Class Implementation
- the specific Console log appender class implementation
- the specific File log appender class implementation
- the specific Event log appender class implementation
the test application (driver)
- the simple test application that will use the log and log appender class to write to the console, test.dat, and the event log.
Trying it out
Here is what is required in order to use the logging classes.
- You will need to create a cpp file that will 'drive' the logger - in my case this was LogDriver.cpp.
- include log.h, this will bring in the needed definitions, etc.
- instantiate an instance of the CLog class, this will be the 'source' of log messages
- instantiate and add as many log appenders as you like
    CConsoleLogAppender * pConsoleLogAppender = new CConsoleLogAppender(nsCLog::info);
    CFileLogAppender * pFileLogAppender = new CFileLogAppender(nsCLog::warning, "test.dat");
    CEventLogAppender * pEventLogAppender = new CEventLogAppender(nsCLog::debug);
    myLog.addAppender(pConsoleLogAppender);
    myLog.addAppender(pFileLogAppender);
    myLog.addAppender(pEventLogAppender);
- write to the log(s) throughout your codebase
myLog.writeLog(nsCLog::warning, "This is my test log message");
What you will have done is this:
- Created a logger whose source is "LogDriver"
- Created a log appender for console messages
- Created a log appender to write to test.dat
- Created a log appender to write to the event log
- Told the LogDriver logger about the 3 appenders
- Written to the various logs
The messages will look like this:
01052002_124658 | LogDriver | warning | This is my test log message
The event log message is going to appear a little differently, but basically the same. Because I'm lazy it will probably be like:
The entry in Event Viewer:
Time: 12:46:58 PM
Computer: Your Computer Name
The message (double click the entry):
The description for Event ID ( 0 ) in Source ( LogDriver ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event:
01052002_124658 | LogDriver | warning | This is my test log message.
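The threshold rule from "How it works", applied to the three thresholds used in the walk-through (info, warning, debug), can be sketched as follows. This is an added example, not the article's CLog source: every class and function name in it is hypothetical, the appenders collect lines in memory instead of writing to the console, test.dat or the event log, the timestamp is passed in so the output is reproducible, and the CR/LF flattening is an assumption the article does not describe.

```cpp
#include <string>
#include <utility>
#include <vector>

// Added illustration: all names here are hypothetical, not the article's CLog API.
enum class Severity { debug, info, warning, error, fatal };

const char* severityName(Severity s) {
    static const char* const names[] = {"debug", "info", "warning", "error", "fatal"};
    return names[static_cast<int>(s)];
}

// In-memory stand-in for the console, file and event log appenders.
struct MemoryAppender {
    Severity threshold;
    std::vector<std::string> lines;
    explicit MemoryAppender(Severity t) : threshold(t) {}
};

// Assumption beyond the article: CR/LF in a message become spaces, so one
// writeLog call always produces exactly one line in a line-oriented log.
std::string singleLine(std::string msg) {
    for (char& c : msg) if (c == '\r' || c == '\n') c = ' ';
    return msg;
}

class Logger {
public:
    explicit Logger(std::string source) : source_(std::move(source)) {}
    void addAppender(MemoryAppender* a) { appenders_.push_back(a); }
    // Writes to each appender whose threshold y satisfies x >= y; returns the count.
    int writeLog(Severity x, const std::string& stamp, const std::string& msg) {
        const std::string line = stamp + " | " + source_ + " | " +
                                 severityName(x) + " | " + singleLine(msg);
        int written = 0;
        for (MemoryAppender* a : appenders_)
            if (x >= a->threshold) { a->lines.push_back(line); ++written; }
        return written;
    }
private:
    std::string source_;
    std::vector<MemoryAppender*> appenders_;
};

int main() {  // same thresholds as the walk-through: info, warning, debug
    MemoryAppender console(Severity::info), file(Severity::warning), event(Severity::debug);
    Logger logger("LogDriver");
    logger.addAppender(&console); logger.addAppender(&file); logger.addAppender(&event);
    return logger.writeLog(Severity::info, "01052002_124658", "started") == 2 ? 0 : 1;
}
```

With these thresholds a debug message reaches only the debug-threshold appender, an info message skips the file appender, and a warning reaches all three.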
Let me know what you think - preferably constructive if not positive, I'm not asking for flames!
Read the _todo.txt document before sending me "it oughta do X!" messages.
That's it really.
Downloads
Download demo project - 111 Kb
Download source - 31 Kb