What Is a Logging Level
A log level or log severity is a piece of information telling how important a given log message is. It is a simple, yet very powerful way of distinguishing log events from each other. If the log levels are used properly in your application all you need is to look at the severity first. It will tell you if you can continue sleeping during the on-call night or you need to jump out of bed right away and hit another personal best in running between your bedroom and laptop in the living room.
You can think of the log levels as a way to filter the critical information about your system state and the one that is purely informative. The log levels can help in reducing the information noise and reduce alert fatigue.
The History of Log Levels
Before continuing with the description of the log levels themselves it would be good to know where the log levels come from. It all started with syslog. In the 80s, the Sendmail a mailer daemon project developed by Eric Allman required a logging solution. This is how Syslog was born. It was rapidly adopted by other applications in the Unix-like ecosystem and became a standard. Btw – at Sematext we do support Syslog format with Sematext Logs, our log management tool.
Syslog came with the idea of severity levels, which are now defined in the syslog standard. Syslog comes with the following severity levels:
- Emergency
- Alert
- Critical
- Error
- Warning
- Notice
- Informational
- Debug
After the 80s programming languages were evolving and different logging frameworks were introduced. Nowadays each programming language has its own logging framework allowing you to save data in various formats like JSON. In most cases you can ship data to different destinations like text file, syslog or Elasticsearch. But apart from the format and the possible destinations there is one thing that is common to the majority of them – the level of the log event.