1N/AThe ISC logging system is designed to provide a flexible, extensible
1N/Amethod of writing messages. Messages can be sent to the system's
1N/Alogging facility, directly to a file, or into the bitbucket, usually
1N/Aconfigured per the desires of the users of the program. Each message
1N/Ais associated with a particular category (eg, "security" or
1N/A"database") that reflects its nature, and a particular module (such as
1N/Athe library's source file) that reflects its origin. Messages are
1N/Aalso each assigned a priority level which states how remarkable the
1N/Amessage is, so that too can be configured by the program's user to
1N/Acontrol how much detail is desired.
1N/ALibraries which use the ISC logging system can be linked against each
1N/Aother without fear of conflict. A program is able to select which, if
1N/Aany, libraries will write log messages.
1N/AThis section describes the basics of how the system works, introduces
1N/Aterms and defines C preprocessor symbols used in conjuction with
1N/Alogging functions. Actual uses of functions are demonstrated in the
1N/Afollowing two sections.
1N/ALog messages are associated with three pieces of information that are
1N/Aused to determine their disposition: a category, a module, and a
0N/Alevel (aka "priority").
22N/AA category describes the conceptual nature of the message, that is,
0N/Awhat general aspect of the code it is concerned with. For example,
0N/Athe DNS library defines categories that include the workings of the
0N/Adatabase as well security issues. Macros for naming categories are
14N/Atypically provided in the library's log header file, such as
14N/ADNS_LOGCATEGORY_DATABASE and DNS_LOGCATEGORY_SECURITY in <
dns/log.h>
14N/Afor the two categories in the previous sentence. The special category
14N/AISC_LOGCATEGORY_DEFAULT is associated with any message that does not
14N/Amatch a particular category (or matches a category but not a module,
14N/Aas seen in the next paragraph).
14N/AA module is loosely the origin of a message. Though there not be a
22N/Aone-to-one correspondence of source files with modules, it is typical
22N/Athat a module's name reflect the source file in which it is used. So,
22N/Afor example, the module identifier DNS_LOGMODULE_RBT would be used by
22N/AThe specification of the combination of a category and a module for a
0N/AThe level of a message is an indication of its severity. There are
0N/Asix standard logging levels, in order here from most to least severe
0N/A(least to most common):
0N/A ISC_LOG_CRITICAL -- An error so severe it causes the program to exit.
0N/A ISC_LOG_ERROR -- A very notable error, but the program can go on.
0N/A ISC_LOG_WARNING -- Something is probably not as it should be.
0N/A ISC_LOG_NOTICE -- Notable events that occur while the program runs.
22N/A ISC_LOG_INFO -- Statistics, typically.
22N/A ISC_LOG_DEBUG(unsigned int level) -- detailed debugging messages.
22N/AISC_LOG_DEBUG is not quite like the others in that it takes an
22N/Aargument the defines roughly how detailed the message is; a higher
3N/Alevel means more copious detail, so that values near 0 would be used
26N/Aat places like the entry to major sections of code, while greater
26N/Anumbers would be used inside loops.
0N/ASo, ok, technically there are five + at least 4,294,967,296 levels.
0N/APicky picky. In any event, the six levels correspond with similar
0N/Alevels used by Unix's syslog, and when messages using one of those
0N/Alevels is sent to syslog, the equivalent syslog level is used. (Note
0N/Athat this means that any debugging messages go to the singular
0N/ALOG_DEBUG priority in syslog, regardless of their level internal to
0N/Athe ISC logging system.)
14N/AThe next building block of the logging system is a channel. A channel
14N/Aspecifies where a message of a particular priority level should go, as
14N/Awell as any special options for that destination. There are four
0N/Abasic destinations, as follows:
26N/A ISC_LOG_TOSYSLOG -- Send it to syslog.
26N/A ISC_LOG_TOFILE -- Write to a file.
0N/A ISC_LOG_TOFILEDESC -- Write to a (previously opened) file descriptor.
22N/A ISC_LOG_TONULL -- Do not write the message when selected.
0N/AA file destination names a path to a log file. It also specifies the
0N/Amaximum allowable byte size of the file before it is closed (where 0
22N/Ameans no limit) and the number of versions of a file to keep (where
22N/AISC_LOG_ROLLNEVER means the logging system never renames the log file,
0N/Aand ISC_LOG_ROLLINFINITE means no cap on the number of versions).
0N/AVersion control is done just before a file is opened, so a program
0N/Athat used it would start with a fresh log file (unless using
0N/AISC_LOG_ROLLNEVER) each time it ran. If you want to use an external
0N/Arolling method, use ISC_LOG_ROLLNEVER and ensure that your program has
0N/Aa mechanism for calling isc_log_closefilelogs().
0N/A(ISC_LOG_ROLLINFINITE is not truly infinite; it will stop at INT_MAX.
0N/AOn 32 bit machines that means the logs would need to roll once per
0N/Asecond for more than sixty years before exhausting the version number
0N/AA file descriptor destination is simply associated with a previously
0N/Aopened stdio file descriptor. This is mostly used for associating
0N/Astdout or stderr with log messages, but could also be used, for
0N/Aexample, to send logging messages down a pipe that has been opened by
14N/Athe program. File descriptor destinations are never closed, have no
14N/Amaximum size limit, and do not do version control.
0N/ASyslog destinations are associated with the standard syslog facilities
14N/Aavailable on your system. They too have no maximum size limit and do
0N/ASince null channels go nowhere, no additional destination
14N/Aspecification is necessary.
14N/AThe words "destination" and "channel" can be used interchangably in
14N/Asome contexts. Referring to a file channel, for example, means a
0N/Achannel that has a file destination.
14N/AChannels have string names that are their primary external reference.
14N/AThere are four predefined logging channels:
14N/A "default_stderr" -- Descriptor channel to stderr at priority ISC_LOG_INFO
26N/A "default_debug" -- Descriptor channel to stderr at priority ISC_LOG_DYNAMIC
26N/A "default_syslog" -- Syslog channel to LOG_DAEMON at priority ISC_LOG_INFO
22N/A "null" -- Null channel
0N/AWhat's ISC_LOG_DYNAMIC? That's how you tell the logging system that
0N/Ayou want debugging messages, but only at the current debugging level
0N/Aof the program. The debugging level is controlled as described near
0N/Athe end of the next section. When the debugging level is 0 (turned
0N/Aoff), then no debugging messages are written to the channel. If the
0N/Adebugging level is raised, only debugging messages up to its level are
0N/Awritten to the channel.
0N/AYou can reuse a channel name. If you define a channel with the same
0N/Aname as an existing channel, the new definition is used by all future
22N/Areferences to the name. The old definition is still used by anything
0N/Athat was pointing to the name before the redefinition. This even
0N/Aapplies to redefinitions of the predefined channels, with one
0N/Aexception: redefining default_stderr will change the default
0N/Adestination of messages, as explained in more detail in a few paragraphs.
0N/AChannels can additionally have any of five options associated with
0N/Athem. The following options are listed in the order which their
14N/Acorresponding print strings appear in a log message:
14N/A ISC_LOG_PRINTTIME -- The date and time.
14N/A ISC_LOG_PRINTCATEGORY -- The category name.
14N/A ISC_LOG_PRINTMODULE -- The module name.
14N/A ISC_LOG_PRINTLEVEL -- The level.
14N/AYou can set all four of those options with ISC_LOG_PRINTALL.
22N/ASyslog channels do not need ISC_LOG_PRINTTIME, but it is usally a good
0N/Aidea for file and file descriptor feeds.
The additional option does not affect formatting. It is
ISC_LOG_DEBUGONLY, and marks a channel as only being eligible for
messages when the debugging level is non-zero. It acts like the
null channel when the debugging level is zero.
Now with these objects -- the category, module, and channel -- you can
actually direct messages to your desired destinations. As shown in
channel. It is possible to use one function call to say "all modules
coupled with this category" and vice versa, but conceptually the
since that is what comes in from functions writing messages.
Speaking of functions writing messages, here's what happens when a
function wants to write a message through the logging system. First
the function calls isc_log_write(), specifying a category, module and
In isc_log_write(), the logging system first looks up a list that
consists of all of the channels associated with a particular category.
It walks down the list looking for each channel that also has the
indicated module associated with it, and writes the message to each
channel it encounters. If no match is found in the list for the
module, the default channel is used. Similarly, the default is used
if no channels have been specified for the category at all.
What is the default? It is ISC_LOGCATEGORY_DEFAULT -- sort of. You
can specify an association of the channel ISC_LOGCATEGORY_DEFAULT with
any particular module, or more usually all of them, and that's what
specified a channel. If you do not associate ISC_LOGCATGORY_DEFAULT
and the indicated module, then the internal default of using the
default_stderr channel is used. This brings us back to the statement
made a few paragraphs ago about redefining the predefined channels --
if you redefine default_stderr, and a messages comes in for a
message will go to the _new_ definition of default_stderr.
matched with regard to using the defaults:
If a channel is is specified for a category as applying to all modules
which use that category, then the default channel will be used for no
combination of that category with any module.
If a category is specified with one or more explicit modules, any
modules _not_ using that category still use the default.
As with the BIND 8 logging code, when a log message is not written
because the of the severity level of the channel, the default is _not_
used, because the category and module are considered to have matched.
specified. If you want to use the default for some messages but also
send higher (lower?) priority messages someplace else, then you will
need to specify both the default channel and a custom channel for that
It is important to note that specifying a null destination for a
associated with that pair, regardless of ordering. For example,
though it seems reasonable, you cannot say "for category A and all
modules, log to stderr, but for category A and module 2 don't show any
messages." You would need to specify stderr for category A with all
modules except module 2, and then specify null for A/2. This could be
inconvenient, especially if you do not know all of the modules
associated with a particular category but you know the one you want to
shut up. Because of this, it is likely that specifying a null
destination _will_ block other channels that also specify a particular
No attempt is made to filter out duplicate destinations, so it is
certainly possible to define things such that a single log gets more
than one copy of the same message. This may change in the future.
EXTERNALLY VISIBLE STRUCTURE
Two of the fundamental types used by programs for configuring log
message destinations are isc_log_t and isc_logconfig_t. The isc_log_t
type is normally created only once by a program, to hold the (relatively)
static information about what categories and modules exist in the program
and some other housekeeping information. isc_logconfig_t is used to
store the configurable specification of message destinations, which
can be changed during the course of the program.
A starting configuration (isc_logconfig_t) is created implicitly when
the context (isc_log_t) is created. The pointer to this configuration
is returned via a parameter to isc_log_create so that it can then be
configurated. A new configuration can be established by creating
it with isc_logconfig_create, configuring it, then installing it as
the active configuration with isc_logconfig_use.
The entire logging context is thread locked for most of duration of
the isc_log_write. However, isc_log_write does avoid the delays
caused by locking when it is clear that there are no possible outputs
for a message based on its debugging level --- this is so that a
program can have debugging messages sprinkled liberally throughout it
but not incur any locking penalty when debugging is not enabled.
The logging context is locked when a new configuration is installed
USING LIBRARIES THAT USE THE LOGGING SYSTEM
To enable the messages from a library that uses the logging system,
the following steps need to be taken to initialize it.
1) Include the main logging header file as well as the logging header
file for any additional library you are using. For example, when
using the DNS library, include the following:
2) Initialize a logging context. A logging context needs a valid
memory context in order to work, so the following code snippet shows a
rudimentary initialization of both.
if (isc_mem_create(0, 0, &mctx) != ISC_R_SUCCESS) ||
isc_log_create(mctx, &lctx, &lcfg) != ISC_R_SUCCESS))
3) Initalize any additional libraries. The convention for the name of
the initialization function is {library}_log_init, with just a pointer
to the logging context as an argument. The function can only be
called once in a program or it will generate an assertion error.
If you do not want a library to write any log messages, simply do not
call its the initialization function.
4) Create any channels you want in addition to the internal channels
of default_syslog, default_stderr, default_debug and null. A
destination structure needs to be filled for any destination other
than null. The following examples show use of a file log, a file
descriptor log, and syslog.
isc_logdestination_t destination;
if (isc_log_createchannel(lcfg, "sample1" ISC_LOG_TOFILE, ISC_LOG_DYNAMIC,
&destination, ISC_LOG_PRINTTIME) != ISC_R_SUCCESS)
if (isc_log_createchannel(lcfg, "sample2" ISC_LOG_TOFILEDESC, ISC_LOG_INFO,
&destination, ISC_LOG_PRINTTIME) != ISC_R_SUCCESS)
if (isc_log_createchannel(lcfg, "sample3" ISC_LOG_SYSLOG, ISC_LOG_ERROR,
&destination, 0) != ISC_R_SUCCESS)
Note that ISC_LOG_DYNAMIC is used to define a channel that wants any
of the messages up to the current debugging level of the program
(described below). ISC_LOG_DEBUG(level) can define a channel that
_always_ gets messages up to the debug level specified, regardless of
the debugging state of the server.
Remember that you can redefine these internal channels, and that in
particular redefining default_stderr will change the default logging
5) Direct the various log categories and modules to the desired
destination. This step is not necessary if the normal behavior of
sending all messages to default_stderr is acceptable. The following
examples sends DNS security messages to stderr, DNS database messages
to null, and all other messages to syslog.
if (isc_log_usechannel(lcfg, "default_stderr", DNS_LOGCATEGORY_SECURITY,
if (isc_log_usechannel(lcfg, "null", DNS_LOGCATEGORY_DATABASE, NULL)
if (isc_log_usechannel(lcfg, "default_syslog", ISC_LOGCATEGORY_DEFAULT,
Providing a NULL argument for the category means "associate the
channel with the indicated module in all known categories" ---
including ISC_CATEGORY_DEFAULT. Providing a NULL argument for the
module means "associate the channel with all modules that use this
6) If you are sending any messages to syslog, call
isc_log_opensyslog(). Currently the arguments to this function are
exactly the same as to syslog's openlog() function, but it is expected
that this will change when the logging library is made to work with the
system logging facility on Windows NT.
isc_log_opensyslog(NULL, LOG_PID, LOG_DAEMON);
Now the libraries used by your program will write messages according
7) If you want to swap in a new configuration to replace the existing
configuration, first create the new configuration with:
result = isc_logconfig_create(lctx, &newlcfg);
and then configure newlcfg with isc_log_createchannel() and
isc_log_usechannel(). When it is all ready:
result = isc_logconfig_use(lctx, newlcfg);
If the new configration is successfully installed, then the old one
will be destroyed, freeing all memory it used.
There are three additional functions you might find useful in your
program to control logging behavior, two to work with the debugging
level and one to control the closing of log files.
void isc_log_setdebuglevel(isc_log_t *lctx, unsigned int level) and
unsigned int isc_log_getdebuglevel(isc_log_t *lctx) set and retrieve
the current debugging level of the program. isc_log_getdebuglevel()
can be used so that you need not keep track of the level yourself in
another variable. One use for these functions would be in a daemon
that could have its debugging level raised with a USR1 signal or lowered
The void isc_log_closefilelogs(isc_log_t *lcxt) function closes any
open log files. This is useful for programs that do not want to do
file rotation as with the internal rolling mechanism. For example, a
program that wanted to keep daily logs would define a channel which
used ISC_LOG_ROLLNEVER, then once a day would rename the log file and
call isc_log_closefilelogs(). The next time a message needs to be
written a file that has been closed, it is reopened.
WRITING LIBRARIES THAT USE THE LOGGING SYSTEM
This section describes how a new library,
libfoo.a, would use the ISC
logging system internally.
1) Provide a header file that does the following:
* declares foo_lctx, a logging context that will be used throughout
* declares the structures that specify the categories and modules
* defines the macros that provide convenient access to the library's
* prototypes the library's log initialization function.
2) Write a C source module that includes the library's
log.h,
provides storage for the library's logging context,
initializes the category and module structures, and defines the
initialization function, foo_log_init().
log.c from
libdns.a looks
like this (trimmed down):
isc_logcategory_t dns_categories[] = {
isc_logmodule_t dns_modules[] = {
dns_log_init(isc_log_t *lctx) {
REQUIRE(dns_lctx == NULL);
result = isc_log_registercategories(lctx, dns_categories);
if (result == ISC_R_SUCCESS) {
isc_log_registermodules(lctx, dns_modules);
Note that the init function is what associates that library's logging
context with the one that the calling program must create and
initialize. If the init function is never called, the library's
logging context will be NULL, so any calls by other library functions
to log messages will simply return with no message being written.
3) Use the isc_log_write() function to have messages written according
to the definitions in the logging context. Its arguments are the
logging context, a category, a module, a logging level, a printf(3)
format string, and any additional arguments that are necessary for the
format string. For example:
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL, DNS_LOGMODULE_RBT,
"Node %d in red-black tree is crimson!", node);
No newline should be included, nor should the program name. Usually
the source file name or the function name should not be included
either, since location information can be attained, if desired, with
ISC_LOG_PRINTMODULE. On rare occasion it might be necessary to
differentiate very similar messages in the same module.
When available, include standard library return codes via %s in the
format string, with strerrr(errno) from the system libary or functions
like isc_result_totext(result) and dns_result_totext(result).
THINGS I AM NOT KEEN ABOUT
has no effect on other associations with that pair. It seems to me
that it would be nice to say "send all DATABASE category messages to
syslog, except for those from the RBT base code." I am not sure of
how I want it specified though. One way to do it is to simply say
that null overrides any previously defined matches for the