Ask a Jedi: Prevent ColdFusion from deleting log files

This post is more than 2 years old.

Grant asks:

Is there a way to use cflog to log to a log [lol] that doesn't get deleted by admin? If so, could it still rollover at a certain size? If not, what's the best way to accomplish this? I want to create a log my system can depend on as a valid resource if all other means of finding out what happened fail.

The short answer is no. As far as I know, once ColdFusion sees N version of a log file, where N is the number specified in your ColdFusion administrator in Log Settings/Maximum number of Archives, then the file will be deleted. You can kinda "cheat" your way around this. For example, I discovered that I could set the maximum number to 100000, which is probably enough to cover a couple decades of log files. (Actually, I tried 999999999999 first and got a fun little max int error.) You could also set the maximum file size higher as well. But technically - both of these do not solve the problem.

If you truly wanted to be sure ColdFusion wouldn't delete your logs you would need to use cffile instead. All cflog does is write, in a standard format, to the ColdFusion log directory. You could easily mimic this yourself. As for handling "rolling" - I actually don't like ColdFusion's way of rolling by size. I prefer rolling by date. If you want a simple day based file pattern you could use code like so...

<cfset name = "base"> <cfset name &= "." & day(now()) & "." & month(now()) & "." & year(now()) & ".txt"> <cfoutput>#name#</cfoutput>

In this snippet, the original value of name simply represents a name for the log. It could be 'security', 'cms', 'beer', etc. I then append the day, month, and year to the file name along with .txt. (And of course, .log would be fine.) This creates a file name of the form, base.29.11.2010.txt. You could add the current hour as well for more granularity.

Raymond Camden's Picture

About Raymond Camden

Raymond is a senior developer evangelist for Adobe. He focuses on document services, JavaScript, and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA https://www.raymondcamden.com

Archived Comments

Comment 1 by Daniel Budde posted on 11/30/2010 at 3:31 AM

Minor thing, but if you wanted to make sure the files appeared in order by name, you could do:

<cfset name = "base" & DateFormat(Now(), "yyyy.mm.dd") & ".txt" />

Just a thought.

Comment 2 by Raymond Camden posted on 11/30/2010 at 3:32 AM

Ah yes - that seems better.

Comment 3 by Brian posted on 11/30/2010 at 3:59 AM

I would think the only way an admin wouldn't be able to delete the log file would be if you log to another server where the local administrator doesn't have permission to delete the files.

Comment 4 by Raymond Camden posted on 11/30/2010 at 4:12 AM

@Brian: Right- but cflog doesn't allow for that. You can specify a file name, but just the name portion, not the directory or extension. Of course, you could change the log directory - but CF would need write access to the dir, which implies it has access to delete as well. (AFAIK)

Comment 5 by Brian posted on 11/30/2010 at 4:21 AM

I was thinking more of having a webservice on another server using cflog and on your primary server making service calls to it. Of course, if that server goes down, you lose you logs, so you may just want to use that to augment local logging.

Comment 6 by Raymond Camden posted on 11/30/2010 at 4:26 AM

So a CFM on server A uses a web service on server B? But how does that help? CF will still delete the file eventually.

Comment 7 by Brian posted on 11/30/2010 at 4:33 AM

I guess I read the original post differently. I read the important portion as being that admin couldn't delete the log so that it could be relied upon to determine what happened. The scenario I considered was a hacker gaining root access and wiping the logs on their way out.

Comment 8 by Gary Funk posted on 11/30/2010 at 7:22 AM

You could set the log director to disallow delete to everyone, including all admins, except for one special person.

Comment 9 by Gary Funk posted on 11/30/2010 at 7:23 AM

that should read 'log directory'

Comment 10 by Raymond Camden posted on 11/30/2010 at 7:23 AM

@Gary: I wonder if CF would handle that gracefully?

Comment 11 by Gary Funk posted on 11/30/2010 at 11:53 PM

I will do testing and let everyone know.