
Logging vs Auditing

The difference between logging and auditing is a subtle yet important distinction.


Logging

  • Technical in nature. Deals with technical concerns such as stack traces or errors.
  • Additional levels such as DEBUG, INFO, WARN, ERROR, FATAL for classification.
  • Logging can be simple, such as traditional stdout statements, or more complex, with semantic/structured logging.
  • Should not cause a runtime failure if logging is defective; fail silently.
  • The system should work with or without logging enabled, from both a technical and a system view.
  • No need for automated testing; simply ensure it works afterwards. No need for interfaces or abstractions; use the logging library directly.

The primary users of logging should be the development team when developing and testing. Additionally, the team should use logging for daily monitoring and support. Effective log monitoring can reveal trends or highlight problem areas well before users report them as issues. A good monitoring system can also reduce or remove the need for complex and unstable system tests. This will be the subject of a future post.


Auditing

  • Domain specific. Deals with domain concerns for audit trails.
  • Always one level, though context is important. Different audit roles apply to different actions, for example: a user makes a payment, a user logs in, a user performs an action. All three of these examples are unique and should be treated as such.
  • Auditing is important; it must occur. It should cause a runtime failure if auditing is defective. Never fail silently.
  • The system cannot operate at 100% if auditing is not operating.
  • Testable, and should be considered a first-class feature. Abstractions are useful to provide different implementations and to aid testing.

Auditing is a feature in itself. There is no point introducing this additional complexity unless the system requires it. Auditing also introduces other concerns: where should the data be stored, for how long, and what potentially sensitive data can be stored?
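The contrast between the two lists, as an added example that is not code from the original post: a broken log handler is swallowed and the payment proceeds, while a broken audit trail raises and the payment does not happen. The `Ledger`, `AuditTrail`, `InMemoryAuditTrail`, `BrokenAuditTrail` and `BrokenLogHandler` names are hypothetical, and both failures are constructed.

```python
import logging
from typing import Protocol

logging.raiseExceptions = False  # production setting: handler errors stay quiet

class BrokenLogHandler(logging.Handler):
    """Constructed failure: a log sink that can never write."""
    failures = 0

    def emit(self, record):
        try:
            raise OSError("log disk full")
        except OSError:
            self.failures += 1
            self.handleError(record)  # stdlib convention: swallow, never raise

# Logging is used directly, with no abstraction around the library.
log = logging.getLogger("payments")
log.setLevel(logging.INFO)
log.propagate = False
broken_handler = BrokenLogHandler()
log.addHandler(broken_handler)

class AuditTrail(Protocol):
    """Abstraction so the audit feature can be swapped out and tested."""
    def record(self, action: str, user: str, detail: dict) -> None: ...

class InMemoryAuditTrail:
    """Test double; a real implementation would write to durable storage."""
    def __init__(self):
        self.events = []

    def record(self, action, user, detail):
        self.events.append({"action": action, "user": user, **detail})

class BrokenAuditTrail:
    """Constructed failure: the audit store is unreachable."""
    def record(self, action, user, detail):
        raise OSError("audit store unavailable")

class Ledger:
    def __init__(self, audit: AuditTrail):
        self.audit, self.balances = audit, {}

    def pay(self, user: str, amount: int) -> int:
        log.info("payment requested user=%s amount=%d", user, amount)  # best effort
        self.audit.record("payment", user, {"amount": amount})  # raises => no payment
        self.balances[user] = self.balances.get(user, 0) + amount
        return self.balances[user]
```

Recording the audit event before mutating state is what keeps an unaudited payment from ever existing; a real system would also need the audit write and the state change to commit together.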

The key lesson here is that logging and auditing are two very distinct concepts and should be treated as such.

