Websites always have bugs, there is no way around it. Too many different components come into play.
There is
- Different browsers
- Different user implementations (at some level) like authenticated users and unauthenticated ones, preferred customers and blocked customers
- Different paths to do things
- Different layers where exceptions can happen and different implementations how these are communicated back to the origin
- and many more I cannot think of right now
all these potential fallacies form a Cartesian product of terror. To the website owner as well as to the developer. One can log these errors, but logging often does not show the context of the error and this makes logging not quite useless, but not as useful as one would wish for.
So to make logging meaningful I would want it to be contextual. How can this be done? My take is, that I need to log a whole user session, from the fist hit to the last, keeping only logs with exceptions in it.
This implies, that I must uniquely identify each user session. The session id could provide such an id for unauthenticated users, username + session id for authenticated ones. But this makes us imply that sessions do not get lost and recreated. So maybe a cookie then: let's store a cookie with the session id in it and short expiration at session begin and check if that cookie exists, if another session is created. If there is such a cookie, we know we are dropping sessions and can log this.
Then we can have sessions without exceptions that just expired. The user lost interest. While this can be of interest to somebody, it is not my concern. I would want to delete that logging. Or we have a successful session. In my case, the user made a complete purchase and there were no exceptions in his session. I want to delete those as well.
I want to keep these logs isolated from each other, so I will persist them individually. For cross concern logging traditional log files are better suited. There are also different classes of exceptions like SQL timeouts, that usually don't have anything to do with specific users, but I would not want to have a black/white list of exceptions to log. For now at least.
File layout: /logfiles/day/username+cookie-id
I keep a dictionary cookie id / kill-time (cookie expiry date), every further hit, bumps up kill time and cookie expiry, an exception removes the item from the list entirely, so that it will not be deleted. Now I only need to have somebody check this dictionary in regular instances and delete files with a kill time < now.
In the file I want to log every step the user makes with
- time
- url
- parameters (query string gets, posts, cookie and session values)
- referrer
- eventual problems
- exception
Probably a html table would make for an easily readable format.
Luckily the castle stack I am using allows me to have a single place for attaching this logging behaviour. So I am looking forward into implementing this. Just me thinking out loud.
