Logging service
Allows a plugin to provide status and diagnostic information.
The Logging service is only available server side.
For editorial guidance on what to log and what to avoid (sensitive data, noisy info messages, implementation details), see the logging guidelines.
import type { PluginInitializerContext, CoreSetup, Plugin, Logger } from '@kbn/core/server';
export class MyPlugin implements Plugin {
private readonly logger: Logger;
constructor(initializerContext: PluginInitializerContext) {
this.logger = initializerContext.logger.get();
}
public setup(core: CoreSetup) {
try {
this.logger.debug('doing something...');
// …
} catch (e) {
this.logger.error('failed doing something...');
}
}
}
Usage is very straightforward, one should just get a logger for a specific context and use it to log messages with different log level.
const logger = kibana.logger.get('server');
logger.trace('Message with `trace` log level.');
logger.debug('Message with `debug` log level.');
logger.info('Message with `info` log level.');
logger.warn('Message with `warn` log level.');
logger.error('Message with `error` log level.');
logger.fatal('Message with `fatal` log level.');
const loggerWithNestedContext = kibana.logger.get('server', 'http');
loggerWithNestedContext.trace('Message with `trace` log level.');
loggerWithNestedContext.debug('Message with `debug` log level.');
And assuming logger for server name with console appender and trace level was used, console output will look like this:
[2017-07-25T11:54:41.639-07:00][TRACE][server] Message with `trace` log level.
[2017-07-25T11:54:41.639-07:00][DEBUG][server] Message with `debug` log level.
[2017-07-25T11:54:41.639-07:00][INFO ][server] Message with `info` log level.
[2017-07-25T11:54:41.639-07:00][WARN ][server] Message with `warn` log level.
[2017-07-25T11:54:41.639-07:00][ERROR][server] Message with `error` log level.
[2017-07-25T11:54:41.639-07:00][FATAL][server] Message with `fatal` log level.
[2017-07-25T11:54:41.639-07:00][TRACE][server.http] Message with `trace` log level.
[2017-07-25T11:54:41.639-07:00][DEBUG][server.http] Message with `debug` log level.
The log will be less verbose with warn level for the server logger:
[2017-07-25T11:54:41.639-07:00][WARN ][server] Message with `warn` log level.
[2017-07-25T11:54:41.639-07:00][ERROR][server] Message with `error` log level.
[2017-07-25T11:54:41.639-07:00][FATAL][server] Message with `fatal` log level.
Pass ECS-compatible LogMeta as the second argument so operators can raise verbosity for a subset of traffic with meta filters in kibana.yml, without enabling debug for the whole logger.
Put stable entity identifiers under labels.*. Keep tags for categorical markers (event class), not IDs:
logger.debug('Rule execution finished', {
labels: {
ruleType: 'esql',
ruleId: rule.id,
spaceId: spaceId,
},
tags: ['rule-run'],
});
Operators can then target that traffic:
logging:
loggers:
- name: plugins.myPlugin
level: warn
filters:
- type: meta
match:
labels.ruleType: esql
level: debug
Guidelines:
- Prefer nested
labelsobjects ({ labels: { ruleType: 'esql' } }) so filter paths likelabels.ruleTypematch. Flat keys ({ 'labels.ruleType': 'esql' }) also work, but pick one shape and use it consistently. - Matching is strict equality — do not mix string and number types for the same field.
- Do not put secrets or PII in meta fields that filters may reference; filtered records still reach appenders with their full meta.
logger.isLevelEnabled('debug')ignores meta filters. If you gate expensive message construction, pass a message function (logger.debug(() => expensive(), meta)) or always pass meta on the call so the filter can decide.
For editorial guidance on what belongs in meta, see the logging guidelines.