Logging Standards
| Field | Details |
|---|---|
| Status | Active |
| Last Updated | 04-22-2026 |
Purpose
To establish consistent logging practices that improve debugging and system observability
Scope
Applies to: All backend services, frontend applications, APIs
Does not apply to: Third-party libraries
Log Levels
| Level | When to Use |
|---|---|
ERROR |
Something broke and needs immediate attention |
WARN |
Something unexpected but the app continues |
INFO |
Key business events (user created, payment processed) |
DEBUG |
Detailed flow info — dev/staging only, never production |
Rules
- Log only required infomation and limit it to less characters. Logging too much is also not helpful
- Never use inbuild stdout utils always use the logger
- Never log passwords, tokens, card numbers, or PII
- Always log at the entry point of a request and on errors
- Include enough context to debug without opening the code
- Debug logs should be disabled in production
What to Log
// Good examples:
log.info("Invoice created | invoiceId={} userId={}", invoiceId, userId);
log.error("Payment failed | orderId={} reason={}", orderId, e.getMessage());
// Avoid:
log.info("done"); // lacks context
log.debug("user: " + user.toString()); // avoid string concatenation
log.info("Token: {}", authToken); // never log sensitive data
Log Format
All logs must follow this structure (handled by the logging framework config):
YYYY-MM-DD HH:mm:ss | LEVEL | service-name | traceId | message
Example:
2024-01-01 10:32:11 | ERROR | payment-service | abc123 | Payment failed | orderId=99
Common Mistakes
System.out.println("here"); // use logger instead
log.error(e.toString()); // log message + exception separately
log.info("password: {}", pass); // never log sensitive data
Exceptions
Debug logs may be enabled in staging environments for troubleshooting
Related Documents
Changelog
| Version | Date | Author | Change |
|---|---|---|---|
| 1.0.0 | 04-22-2026 | Tibin Sunny | Initial version |