Logging

Website

The log file names for website access and error logs can be configured in config/generic.json.

Handling rotation

You can manage website log rotation with logrotate. For example:

# cat /etc/logrotate.d/vulnlookup-website
/home/vuln-lookup/git/vulnerability-lookup/logs/website_access.log /home/vuln-lookup/git/vulnerability-lookup/logs/website_error.log /home/vuln-lookup/git/vulnerability-lookup/logs/website_warning.log  {
    daily
    rotate 7
    compress
    missingok
    notifempty
    copytruncate
}

Feeders

Logging for feeders is configured individually, allowing different logging levels and outputs per feeder. For example, the NVD feeder uses the following configuration file:

$ cat vulnerabilitylookup/feeders/nvd_logging.json
{
    "version": 1,
    "disable_existing_loggers": false,
    "formatters": {
        "simple": {
            "format": "%(asctime)s %(name)s %(levelname)s:%(message)s"
        }
    },
    "handlers": {
        "stdout": {
            "class": "logging.StreamHandler",
            "level": "INFO",
            "formatter": "simple",
            "stream": "ext://sys.stdout"
        },
        "file": {
            "class": "logging.handlers.RotatingFileHandler",
                        "level": "WARNING",
            "formatter": "simple",
            "filename": "logs/nvd_warning.log",
            "mode": "a",
            "maxBytes": 1000000,
            "backupCount": 5
        }
    },
    "root": {
        "level": "DEBUG",
        "handlers": [
            "stdout",
            "file"
        ]
    }
}