Structured logging - why should you do that?

Structured logging is on the rise. A lot of tools and logging services are finally moving towards structured logging and JSON seems to be the format of choice for this.

But what is structured logging? Traditionally logs were generated in the form of free form text messages prepended with some basic metadata such as the time of the event, severity and the source of the event. This is what the old RFC3164 style Syslog format looks like:

<30>Nov 21 11:40:27 myhost sshd[26459]: Accepted publickey for myhost from 192.168.1.1 port 424242 ssh2

This traditional syslog fromat has a header consisting of the severity, facility, timestamp, hostname and process name followed by a free form text string optionally containing additional metadata. The advantage of this is that log data in this format can be easily parsed and stored in text files for humans to look at.

Support both XML and JSON - Open Source Logging

XML and JSON is now supported as of version 1.4.615. nxlog can parse and generate both of these formats with the addition of two new extension modules: xm_json and xm_xml.
nxlog is the first open source logging tool to support both of these formats for parsing and generation. This paves the way for structured logging over standard formats. Now it is possible to convert logs between even more formats with the addition of these two.