My PowerShell Logging Module

This is my story of why I came up with this PowerShell logging module. It's about a 5-minute read, but if you just want to jump straight into using the module, please visit this repo on GitHub: https://github.com/bennymelb/PS-Logging

A few years ago, I was in a situation where the platform I worked on had a lot of different scripts to do all sorts of tasks like custom monitoring, email notification and moving files around, etc. We had batch, VBS, PowerShell and even some executables written in VB6, left, right and center. Among all these scripts, one thing in common was that there was either no logging in place (especially those exes, which were just a black box), or the format of the log was so different from script to script, as well as lacking information like a timestamp or PID that helps you troubleshoot. Last but not least, some of the scripts had no log maintenance in place, which was chewing up disk space and making it almost impossible to search the log.

To make things even "better", we did not have a centralized log server and those scripts were just writing logs to a file sitting in the same folder as the script, so the logs were basically all over the place. Our operations team spent lots of time digging through logs every day; sometimes just finding the right place to open the log file took a while, let alone figuring out the log's format and constructing the pattern to search for. So with that in mind, I was determined to make some improvements so we could do our job more efficiently (reducing waste #Lean).

The first thing I had to decide was whether to send those logs straight to a log server or write to the local filesystem. Since I didn't have a centralized log server, I decided to write to the local filesystem and deal with the centralized log server part later. Another reason I took this approach is that I don't have to worry about the log server being offline, in which case I risk losing some of the logs or I have to write them to the local filesystem temporarily until the log server is back online and then flush those logs to it.

This platform runs on Windows, if you haven't figured it out by now, and utilizing the Windows event log was the first thing that popped into my mind because it comes with Windows out of the box. But I was more of a Linux guy before I started work on this platform, so I am not a big fan of the Windows event log. Plus, you can't just open the Windows event log with a text editor (our Ops team is so used to dealing with log files using their favorite text editor that re-training them is gonna take time). That's enough to kill this idea.

Before I started writing this logging function myself, I did a quick search and found a few scripts/modules around, but none of them fit my use case, so I spent a few nights and put together a script that you have to dot source to use the logging function. After a while, I realized it's prone to error, so I turned it into a PowerShell module (.psm) file and use the Import-Module cmdlet to load those functions at the beginning of my other scripts.

The more PowerShell scripts I wrote, the more I found logging is so important, and I keep adding improvements and new features to it. Lately I decided to make the log format compliant with the RFC5424 spec so it's easier to parse, as well as making log shipping to a backend like Elasticsearch easier. I welcome any feedback, ideas or contributions to my logging module: https://github.com/bennymelb/PS-Logging

















