A lot of windows services write daily log files to their application installation directory under "program files".
Windows system apps (eg IIS) use %SystemRoot%\System32\LogFiles. Is something I should do for my service?
A:
One option is to use the event log, which is where many IT people expect to find logs.
If you want to use log files a good location would be in the %Temp% directory.
chills42
2009-01-29 15:30:27
%TEMP% can and will get cleared at any given moment by an external action that you can't control. You can't depend on it for a logging location since the logs there could easily get deleted before ever becoming useful at a time in need.
Mike Atlas
2010-03-28 21:26:51
On the other hand... it is very unlikely that you would ever need special permissions to write to a temp folder, which is one of the biggest issues with choosing a log folder.
chills42
2010-03-29 11:57:59
+1
A:
I would suggest neither, these two typically break in Vista (and XP but not as often) as they require admin privileges to write to. Rather I would suggest %AllUsersProfile%\application data\yourService\
Jared
2009-01-29 15:42:44
Wrong. Admin privileges are required to install a new event log data source, not to write into it.
Sander
2009-01-29 15:43:44
I said nothing about the event log, I was talking about writing to %systemroot% and %programfiles% directories. The LPU has no access to write or modify these directories.
Jared
2009-01-29 15:54:15
+1
A:
Use the event log - it can store data in rich formats and supports good querying via WMI (e.g. the administrators can query logs from all 100 servers at once for warnings that contain the filename "Payroll.xml" - no digging through log files to troubleshoot services).
Sander
2009-01-29 15:43:14
Would you consider the event log a suitable place for IIS to store it's transaction logfiles though?
rupello
2009-01-29 17:10:55
A:
On my Windows services, I output the logs to a default directory of "C:\App Log Files\" and allow the user to choose an alternative location. I automatically cycle them, so I have Monday.log, Tuesday.log etc. On Tuesday morning, I delete the Wednesday.log so it will be empty the next day. Finally, if one week isn't enough, I rename the old one as Wednesday.V01. The reason for this weekly cycle is that in a previous version done by someone else, the logs were per date, and silently went about filling the hard disks until everything fell over. Given that most systems don't have anyone to maintain them, self-maintenance is worth doing.
Finally, while the system event log is a good place for an occasional message, it isn't good for a detailed log of transactions etc. By having log files outside the system log, you can send them back to a developer for analysis much more easily.
mj2008
2009-01-29 15:47:28
+2
A:
We make the log directory configurable. Depending on usage you may not want logs on the OS drive, or in a location that requires granting rights to more than you need to.
The Event log isn't always the best solution for more verbose logging. We use the event log for error and warning and major state changes (start/stop/etc.) but we use the logfile for more verbose actions.
Joe
2009-01-29 17:19:51