Ok, I’ll try tonight if I can.
> On Feb 12, 2018, at 9:31, Ralph Goers <ralph.go...@dslextreme.com> wrote: > > Remko, > > I believe I have addressed most of the feedback from these two emails, > although I haven’t figured out how the selected component stays highlighted > in the left hand menu. I’d appreciate you and everyone else taking another > look at https://rgoers.github.io/log4j-audit/index.html > <https://rgoers.github.io/log4j-audit/index.html>. > > Thanks, > Ralph > >> On Feb 5, 2018, at 8:04 AM, Remko Popma <remko.po...@gmail.com> wrote: >> >> About the web site, the project seems to have components, but the component >> links in the left-hand navigation menu are not very useful: >> If you click on "Audit API" for example, only some standard Maven-generated >> component links/pages are visible, no javadoc or sources in the Component >> Reports. >> Also the selected component should stay highlighted in the left-hand menu >> like we do for the Log4j 2 web site. >> >> The Javadoc page at the top of the left-hand navigation menu seems broken: >> it shows the Log4j 2 modules, not the log4j-audit modules. >> The submenu links under Javadoc (e.g. Javadoc/Log4j Audit API) all give 404 >> page not found errors. >> >> >> >>> On Mon, Feb 5, 2018 at 11:49 PM, Remko Popma <remko.po...@gmail.com> wrote: >>> >>> Some first impression feedback: >>> >>> Top page: >>> I think it is worth explaining the motivation/use case for audit logging >>> here. What is "audit logging"? How is audit logging different from "normal" >>> logging? What kind of applications would want to use audit logging and why? >>> What are audit events? How do audit events relate to log events? >>> >>> RequestContext page: >>> I had trouble following this page. The explanation is going too fast for >>> me and seems to be skipping over some steps. Is my understanding below >>> correct? >>> * Users must create a RequestContext to use audit logging (if true, best >>> to start by saying that) >>> * The reason users need to create a RequestContext is to have a single >>> container for all data points that users want to log in their audit log. >>> (Question: does this mean that RequestContext = Audit Event?) >>> * A recommended/convenient way to implement a RequestContext is to stuff >>> all values in the log4j ThreadContext (Question: is it really okay to >>> assume that the service container does not hand off requests to worker >>> threads?) >>> * The example RequestContext implementation is too long (and repetitive - >>> readers will get the point after a few attributes) - may be better to place >>> the full class in an example application and only show snippets in this >>> page (and perhaps link to the full example from the page) >>> * After the example follows some explanation about the annotations. Seems >>> pretty important stuff but is now just a wall of text. I would break it up >>> into sections with bold headers, a separate section for each annotation. >>> Current explanation of the annotations seems a bit too brief. >>> * RequestContextInterceptor example seems a bit long. Can you reduce it >>> to its essence or break it up? (Also formatting seems off and has missing >>> closing double quote in response.sendRedirect("/login); , but does this >>> page really need to contain a fully working example?) >>> * Finally, the the "passing context to service" section: are >>> RequestContextInterceptor and RequestContextHeaderInterceptor the same >>> thing? >>> * Does everyone using Spring know what " *The returned list should then >>> be added to the RestTemplate* " means? (I have no clue :-) but I am >>> Spring-ignorant.) >>> >>> Audit Catalog page: >>> The page mentions Products and Categories 3 times, every time saying "but >>> Log4j doesn't do anything with that". Why not just leave it out altogether >>> and not mention these? >>> Why is it called a Catalog? Perhaps explaining why this term is a good >>> name would help set the readers frame of thinking to understand the rest of >>> the page. >>> Also, do users need to create a catalog? Or is it something that emerges >>> automatically when one uses audit logging? What happens if you don't create >>> a catalog? >>> >>> Hope this is useful, >>> Remko >>> >>> >>> On Mon, Feb 5, 2018 at 2:35 PM, Ralph Goers <ralph.go...@dslextreme.com> >>> wrote: >>> >>>> Well I have good news and bad news. The bad news is that I forgot my wife >>>> and I were having people over for the super bowl so I didn’t have as much >>>> time as I had hoped and I wasn’t able to run the Log4j 2.11.0 release >>>> build. >>>> >>>> The good news is that I think Log4j Audit V1.0 is about ready for a >>>> release. I have published the web site at https://rgoers.github.io/log4j >>>> -audit/index.html <https://rgoers.github.io/log4j-audit/index.html>. >>>> Some parts of the site will have problems since it hasn’t been released but >>>> I hope you could take a look at it and review it before a release vote is >>>> attempted. >>>> >>>> You should also feel free to ask me questions here, but if it isn’t clear >>>> then I expect the web site needs more work. >>>> >>>> Ralph >>> >>> >>> >
