Skip to content

structured logging: JSON and journald#2897

Draft
darkexplosiveqwx wants to merge 11 commits into
pi-hole:developmentfrom
darkexplosiveqwx:log-json
Draft

structured logging: JSON and journald#2897
darkexplosiveqwx wants to merge 11 commits into
pi-hole:developmentfrom
darkexplosiveqwx:log-json

Conversation

@darkexplosiveqwx
Copy link
Copy Markdown
Contributor

@darkexplosiveqwx darkexplosiveqwx commented May 21, 2026
edited
Loading

This includes the commit from #2893, since I still use the more strict compiler toolchain.

See pi-hole/docker-pi-hole#2036 for more information.

Major issue:
dnsmasq closes the file descriptors of STDIN, STDOUT and STDERR, this prevents us from logging after dnsmasq has started. Removing the lines is only a quick duct-tape fix while developing.
Removing that code seems to be the best option, as it also doesn’t affect other functionality.

This can also be observed in the systemd service log, since it only contains startup information and not the entire FTL.log.
In docker we are not capturing stdout, but tailing the logfile, but I intentionally wanted to keep the logfiles as-is, need to find a solution on how to implement this.

This currently changes webserver.log and the dnsmasq and webserver FIFOs to better align with FTL.log, but this can be reverted if necessary.

What does this PR aim to accomplish?:

How does this PR accomplish the above?:

Link documentation PRs if any are needed to support this PR:

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  6. I have checked that another pull request for this purpose does not exist.
  7. I have considered, and confirmed that this submission will be valuable to others.
  8. I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
  9. I give this submission freely, and claim no ownership to its content.
  • I have read the above and my PR is ready for review. Check this box to confirm

@darkexplosiveqwx darkexplosiveqwx mentioned this pull request May 21, 2026
Draft
@darkexplosiveqwx darkexplosiveqwx force-pushed the log-json branch 2 times, most recently from 0840e06 to e576249 Compare May 23, 2026 22:08
@darkexplosiveqwx
Copy link
Copy Markdown
Contributor Author

darkexplosiveqwx commented May 23, 2026

Both --log-json and --log-journal are functional to some degree and can be tested further.

I think that we can now start discussing what extra fields we might want/need. (Like the file paths shown in debug flags)

Regarding the blunt patch into dnsmasq to prevent it from messing with our file descriptors, I definitely need to guidance here on whether this is a good mean or if there is a better way.

@darkexplosiveqwx darkexplosiveqwx changed the title structured JSON logging structured logging: JSON and journald May 23, 2026
@pralor-bot
Copy link
Copy Markdown

pralor-bot commented May 23, 2026

This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there:

https://discourse.pi-hole.net/t/use-systemd-journalctl-for-all-logs/84443/21

@darkexplosiveqwx darkexplosiveqwx force-pushed the log-json branch 2 times, most recently from 8e7fd91 to 7846900 Compare May 27, 2026 22:24
@darkexplosiveqwx
Open logfiles in append instead of append+read mode
cf6f0d7 
We never read from FTL.log and webserver.log after opening them, so
+read is unnecessary.

Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
change webserver.log format to match FTL.log
7641cd4 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
enrich webserver and dnsmaq log with priority/severity
a264ab8 
carries to: FIFO, webserver.log
changes webserver.log format (again)

Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
implement JSON logging to stdout, enabled via a startup flag
b7177a3 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
use the same timestamp in dnsmasq JSON and logfile
7a6a60c 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
implement logging to journald, requires libsystemd
b6fffec 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
supress CODE_FILE, CODE_LINE and CODE_FUNC
021141f 
they are not useful here as they would only show the component again

Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
allow loading libsystemd via dlopen
ad16d3a 
This allows shipping fully static binaries with --log-journal support

Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
enable logging to stdout/stderr
caaab39 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
prevent dnsmasq from closing all fds > 2, as that breaks sd_journal
0648c25 
Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
@darkexplosiveqwx
symlink compile_commands.json to project root
0c6ea36 
This helps the clangd LSP find headers and improves expericence in
editors/IDEs

Signed-off-by: darkexplosiveqwx <101737077+darkexplosiveqwx@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@darkexplosiveqwx @pralor-bot