SLF4J VS cats

A few years ago, my team moved from Java to Go. Working on Go projects, we encountered a wide variety of logging frameworks with different APIs, configuration, and formatting. We soon found ourselves longing for a logging abstraction layer like Java’s slf4j, which had proven invaluable for use in reusable libraries or configuring and debugging production systems. So, not long after moving to Go, we began working toward replacing what we had lost in slf4j.

I'm not familiar with Serilog as I code mostly in Java, use slf4j (logs to stdout) and our apps send logs to Cloudwatch using the task definition's awslogs configuration. I prefer it this way because I can customize the log configurations in my task definitions. Also the default stream name has this format prefix-name/container-name/ecs-task-id so I can easily identify the logs of the task I want to look at. I haven't experienced any downsides with this approach and our apps publish a shit ton of logs. Cloudwatch approach looks like you can customize the stream name?

slf4j is open source. You can look at the code.

Java -> Logback, Log4j2, JDK (Java Util Logging), Slf4j, e.t.c.

slf4j para padronização dos logs;

SLF4J

> My God. Logging in protobuf?

Yes, or any other data format and/or transport protocol.

I'm surprised this is up for debate.

> Logging is the lowest of all debugging utilities - its the first thing you ever do writing software - “hello world”. And, while I admire structural logging, the truth is printing strings remains (truly) the lowest common denominator across software developers.

This sort of comment is terribly miopic. You can have a logging API, and then configure your logging to transport the events anywhere, any way. This is a terribly basic feature and requirement, and one that comes out of the box with some systems. Check how SLF4J[1] is pervasive in Java, and how any SLF4J implementation offers logging to stdout or a local file as a very specific and basic usecase.

It turns out that nowadays most developers write software that runs on many computers that aren't stashed over or under their desks, and thus they need efficient and convenient ways to check what's happening either in a node or in all deployments.

[1] https://www.slf4j.org/

Out of this frustration I've built: https://github.com/Endava/cats. It's for APIs, but mostly addressing exactly this case: don't use strings for everything, if you choose to use it though, make sure you add patterns for checking if things are valid, make sure you think about all the corner cases and all the weird characters that can brake you app, and so on.

If the API has an OpenAPI spec available, you can use: https://github.com/Endava/cats

This is why we need better tools which will give benefits for the added complexity. If you need to create both the feature files AND the code, it's just complexity with little benefits. But frameworks like https://github.com/karatelabs/karate or https://github.com/Endava/cats are hiding this complexity and remove the code layer entirely. Which, in my view, this is where you need to be in 2023, particularly for API testing.

I've built a tool specifically to test if these kind of characters will reach API backends: https://github.com/Endava/cats. My idea was that APIs should explicitly reject or sanitise input containing such characters.

Cats by Endava