# Logging in ScriptCode

## Available logging methods

In the ScriptCode environment, an object is available **`Logger`**, which enables logging events and data from within the script.\
By default, all arguments passed to the methods `Logger.<method>()` are treated as **sensitive**, meaning they may potentially contain sensitive data.

Available logging methods:

```javascript
function callService(context) {
    Logger.info('COMPLETE TASK EXECUTED [arg1={}, arg2={}]', 'arg1', 'arg2');
    Logger.debug('COMPLETE TASK EXECUTED [arg1={}, arg2={}]', 'arg1', 'arg2');
    Logger.warn('COMPLETE TASK EXECUTED [arg1={}, arg2={}]', 'arg1', 'arg2');
    Logger.error('COMPLETE TASK EXECUTED [arg1={}, arg2={}]', 'arg1', 'arg2');
    Logger.trace('COMPLETE TASK EXECUTED [arg1={}, arg2={}]', 'arg1', 'arg2');
}
```

> All arguments of the above methods are automatically treated as **sensitive data** and in non-sensitive logs they will be hidden.

## By default, logged data

Platform **Eximee** I log and treat by default as **sensitive** the following elements of the ScriptCode environment:

* data **input** of forms (`input`),
* data **output** (`output`),
* content **of requests (request)** sent to external services (e.g. via REST API),
* content **responses (response)** received from those services.

This means that even if they are not explicitly marked as sensitive in the code, they will not be printed in non-sensitive logs in a way that allows the actual content to be read.\
They will be replaced with markers `_SENSITIVE_DATA_START_ ... _SENSITIVE_DATA_STOP_` or `#hashed#`, depending on the type of application and the execution context<br>

## Sensitive and non-sensitive logging

If we want some data to be printed in non-sensitive logs **without masking**, use the method **`nonsensitive()`**, which marks the passed argument as non-sensitive.

Example:

```javascript
Logger.info(
    'COMPLETE TASK EXECUTED [arg1={}, arg2={}]',
    nonsensitive('arg1 nonsensitive test'),
    'arg2'
);
```

In this example:

* `arg1` will be written to the log in plain form,
* `arg2` will be hidden (replaced with a sensitive data marker).

***

## Log format

Below are examples of log formats for different Eximee platform applications.

#### Application `process-handlers`

```
2023-07-20 11:52:07.130 CEST [pb=csadas21312das][pi=149e3ba0-26e3-11ee-8889-927e393a9856][pd=script_code_handler_test_process][sn=process-handler-complete-task][pt=eximeeScriptCodeTask][sci=a919bbb6-1dea-4044-a5ca-ee5f2f0c55ad][TopicSubscriptionManager] INFO  c.c.r.e.l.JavascriptLibraryLoader - Loading javascript libraries from directory=_SENSITIVE_DATA_START_._SENSITIVE_DATA_STOP_

2023-07-20 11:52:07.162 CEST [pb=csadas21312das][pi=149e3ba0-26e3-11ee-8889-927e393a9856][pd=script_code_handler_test_process][sn=process-handler-complete-task][pt=eximeeScriptCodeTask][sci=a919bbb6-1dea-4044-a5ca-ee5f2f0c55ad][TopicSubscriptionManager] INFO  c.c.e.s.logging.JavaScriptLoggerImpl - COMPLETE TASK EXECUTED [arg1=arg1 nonsensitive test, arg2=_SENSITIVE_DATA_START_arg2_SENSITIVE_DATA_STOP_]

2023-07-20 11:52:07.163 CEST [pb=csadas21312das][pi=149e3ba0-26e3-11ee-8889-927e393a9856][pd=script_code_handler_test_process][sn=process-handler-complete-task][pt=eximeeScriptCodeTask][sci=a919bbb6-1dea-4044-a5ca-ee5f2f0c55ad][TopicSubscriptionManager] WARN  c.c.e.s.logging.JavaScriptLoggerImpl - COMPLETE TASK EXECUTED [arg1=_SENSITIVE_DATA_START_arg1_SENSITIVE_DATA_STOP_, arg2=_SENSITIVE_DATA_START_arg2_SENSITIVE_DATA_STOP_]

2023-07-20 11:52:07.163 CEST [pb=csadas21312das][pi=149e3ba0-26e3-11ee-8889-927e393a9856][pd=script_code_handler_test_process][sn=process-handler-complete-task][pt=eximeeScriptCodeTask][sci=a919bbb6-1dea-4044-a5ca-ee5f2f0c55ad][TopicSubscriptionManager] ERROR c.c.e.s.logging.JavaScriptLoggerImpl - COMPLETE TASK EXECUTED [arg1=_SENSITIVE_DATA_START_arg1_SENSITIVE_DATA_STOP_, arg2=_SENSITIVE_DATA_START_arg2_SENSITIVE_DATA_STOP_]
```

***

#### Application `webforms`

```
2023-07-20 16:15:27,489 CEST [MK_1611202307201615273] [] [http-nio-8082-exec-36] INFO  c.c.e.s.l.l.JavaScriptLoggerImpl - COMPLETE TASK EXECUTED [arg1=arg1 nonsensitive test, arg2=#hashed#]

2023-07-20 16:15:27,490 CEST [MK_1611202307201615273] [] [http-nio-8082-exec-36] WARN  c.c.e.s.l.l.JavaScriptLoggerImpl - COMPLETE TASK EXECUTED [arg1=#hashed#, arg2=#hashed#]

2023-07-20 16:15:27,490 CEST [MK_1611202307201615273] [] [http-nio-8082-exec-36] ERROR c.c.e.s.l.l.JavaScriptLoggerImpl - COMPLETE TASK EXECUTED [arg1=#hashed#, arg2=#hashed#]
```

***

## Good practices

* Use `nonsensitive()` **only** when you are sure that the data does not contain sensitive information.
* Use the appropriate **logging level**:
  * `trace` and `debug` – to analyze script execution details,
  * `info` – for messages about process flow,
  * `warn` – for unusual but non-critical situations,
  * `error` – for errors requiring intervention.
* Avoid logging entire objects or large data structures.