Elixir: How can I hookup a logger to a specific logger backend

Question

I have a situation like this:

In a Phoenix application, I have some protected information, and want to log those information in different ways to different places.

For example:

EncryptedLogger => Log to LoggerBackend 1 => write to machine 1

PlainLogger => Log to LoggerBacken 2 => write to machine 2

LoggerBackend 1 and LoggerBackend 2 can be the same type of custom logger backend, but configured differently to point to machine 1 and machine 2 respectively. This part I have already done.

The thing I don't know how to do is: How to hook EncryptedLogger only to Backend 1 and PlainLogger only to Backend 2.

We know that for Elixir, a call to Logger will write info to all the backends that are specified in app config. Currently, any call on any loggers will write to both Backend 1 and Backend 2.

Question: Is it possible to easily hook specific loggers to only specific backends? (Not all the backends)

Here are the requirements:

1- Retain as much as possible the Logger calls in the code. We have a lot of Logger calls in the code, so ideally we should have to change only minimum log calls that log the PHI information. The other calls must just work.

2- For each of the call to the Logger, for example Logger.debug(“Call list_user:” … whatever users list from database here) , it must do the following things: - Log to the extremely secured PHI log server, send only information that is PHI, so we don't redundantly write Non-PHI information there. - Log to the Non-PHI log server: All non-phi information is stored as they are, and all the phi information is stored with phi data masked as “*”

3- All the current logger backends, for example: :console, LoggerFileBackend should still work with no modification, and they must log non-phi data, phi-data securely, meaning no real PHI data can be printed to those existing logger backends.

4- When people add more Logger backends to log to different services, for example Timber or Spark, it must be incorporated in to PHI – Non PHI tasks seamlessly. If they misconfigure the logger, the PHI information should not go there unmasked. And the existing calls to Logger in the current application code must not be changed.

5- When software engineers call the Logger.info, Logger.debug, Logger.error in the code, the PHI information cannot be accidentally leaked. For example some existing code or new code like this: Logger.error(“Error updating user: #{inspect(user)}) will automatically print the masked version of data to log, instead of the original.

Answer 1

It is not possible currently. My suggestion would be to bypass the Logger infrastructure and directly invoke and write to the EncryptedFile/EncryptedBackend.

Answer 2

Here is my solution for this problem: http://hanoian.com/content/index.php/28-elixir-logger-to-different-backends-selectively-with-different-info

The whole explanation is rather long, with a github link to the demo. But the gist of it is that created a proxy backend to receive all the Logger's calls, then the proxy backend will call different backends in different ways to send different types of information.