views:

315

answers:

6

What would be the best way to implement a simple crash / error reporting mechanism?

Details: my app is cross-platform (mac/windows/linux) and written in Python, so I just need something that will send me a small amount of text, e.g. just a timestamp and a traceback (which I already generate and show in my error dialog).

It would be fine if it could simply email it, but I can't think of a way to do this without including a username and password for the smtp server in the application... Should I implement a simple web service on the server side and have my app send it an HTTP request with the info? Any better ideas?

Thanks!

+1  A: 

The web hit is the way to go, but make sure you pick a good URL - your app will be hitting it for years to come.

pjz
A: 

PyCrash?

Allan Wind
A: 

Whether you use SMTP or HTTP to send the data, you need to have a username/password in the application to prevent just anyone from sending random data to you.

With that in mind, I suspect it would be easier to use SMTP rather than HTTP to send the data.

Branan
+2  A: 

The web service is the best way, but there are some caveats:

  1. You should always ask the user if it is ok to send error feedback information.
  2. You should be prepared to fail gracefully if there are network errors. Don't let a failure to report a crash impede recovery!
  3. You should avoid including user identifying or sensitive information unless the user knows (see #1) and you should either use SSL or otherwise protect it. Some jurisdictions impose burdens on you that you might not want to deal with, so it's best to simply not save such information.
  4. Like any web service, make sure your service is not exploitable by miscreants.
nsayer
A: 

Some kind of simple web service would suffice. You would have to consider security so not just anyone could make requests to your service..

On a larger scale we considered a JMS messaging system. Put a serialized object of data containing the traceback/error message into a queue and consume it every x minutes generating reports/alerts from that data.

Benjamin W. Smith
+1  A: 

I can't think of a way to do this without including a username and password for the smtp server in the application...

You only need a username and password for authenticating yourself to a smarthost. You don't need it to send mail directly, you need it to send mail through a relay, e.g. your ISP's mail server. It's perfectly possible to send email without authentication - that's why spam is so hard to stop.

Having said that, some ISPs block outbound traffic on port 25, so the most robust alternative is an HTTP POST, which is unlikely to be blocked by anything. Be sure to pick a URL that you won't feel restricted by later on, or better yet, have the application periodically check for updates, so if you decide to change domains or something, you can push an update in advance.

Security isn't really an issue. You can fairly easily discard junk data, so all that really concerns you is whether or not somebody would go to the trouble of constructing fake tracebacks to mess with you, and that's a very unlikely situation.

As for the payload, PyCrash can help you with that.

Jim