Ok, I’ll try tonight if I can. 


> On Feb 12, 2018, at 9:31, Ralph Goers <ralph.go...@dslextreme.com> wrote:
> 
> Remko,
> 
> I believe I have addressed most of the feedback from these two emails, 
> although I haven’t figured out how the selected component stays highlighted 
> in the left hand menu. I’d appreciate you and everyone else taking another 
> look at https://rgoers.github.io/log4j-audit/index.html 
> <https://rgoers.github.io/log4j-audit/index.html>. 
> 
> Thanks,
> Ralph
> 
>> On Feb 5, 2018, at 8:04 AM, Remko Popma <remko.po...@gmail.com> wrote:
>> 
>> About the web site, the project seems to have components, but the component
>> links in the left-hand navigation menu are not very useful:
>> If you click on "Audit API" for example, only some standard Maven-generated
>> component links/pages are visible, no javadoc or sources in the Component
>> Reports.
>> Also the selected component should stay highlighted in the left-hand menu
>> like we do for the Log4j 2 web site.
>> 
>> The Javadoc page at the top of the left-hand navigation menu seems broken:
>> it shows the Log4j 2 modules, not the log4j-audit modules.
>> The submenu links under Javadoc (e.g. Javadoc/Log4j Audit API) all give 404
>> page not found errors.
>> 
>> 
>> 
>>> On Mon, Feb 5, 2018 at 11:49 PM, Remko Popma <remko.po...@gmail.com> wrote:
>>> 
>>> Some first impression feedback:
>>> 
>>> Top page:
>>> I think it is worth explaining the motivation/use case for audit logging
>>> here. What is "audit logging"? How is audit logging different from "normal"
>>> logging? What kind of applications would want to use audit logging and why?
>>> What are audit events? How do audit events relate to log events?
>>> 
>>> RequestContext page:
>>> I had trouble following this page. The explanation is going too fast for
>>> me and seems to be skipping over some steps. Is my understanding below
>>> correct?
>>> * Users must create a RequestContext to use audit logging (if true, best
>>> to start by saying that)
>>> * The reason users need to create a RequestContext is to have a single
>>> container for all data points that users want to log in their audit log.
>>> (Question: does this mean that RequestContext = Audit Event?)
>>> * A recommended/convenient way to implement a RequestContext is to stuff
>>> all values in the log4j ThreadContext (Question: is it really okay to
>>> assume that the service container does not hand off requests to worker
>>> threads?)
>>> * The example RequestContext implementation is too long (and repetitive -
>>> readers will get the point after a few attributes) - may be better to place
>>> the full class in an example application and only show snippets in this
>>> page (and perhaps link to the full example from the page)
>>> * After the example follows some explanation about the annotations. Seems
>>> pretty important stuff but is now just a wall of text. I would break it up
>>> into sections with bold headers, a separate section for each annotation.
>>> Current explanation of the annotations seems a bit too brief.
>>> *  RequestContextInterceptor example seems a bit long. Can you reduce it
>>> to its essence or break it up? (Also formatting seems off and has missing
>>> closing double quote in response.sendRedirect("/login); , but does this
>>> page really need to contain a fully working example?)
>>> * Finally, the the "passing context to service" section: are
>>> RequestContextInterceptor and  RequestContextHeaderInterceptor the same
>>> thing?
>>> * Does everyone using Spring know what " *The returned list should then
>>> be added to the RestTemplate* " means? (I have no clue :-) but I am
>>> Spring-ignorant.)
>>> 
>>> Audit Catalog page:
>>> The page mentions Products and Categories 3 times, every time saying "but
>>> Log4j doesn't do anything with that". Why not just leave it out altogether
>>> and not mention these?
>>> Why is it called a Catalog? Perhaps explaining why this term is a good
>>> name would help set the readers frame of thinking to understand the rest of
>>> the page.
>>> Also, do users need to create a catalog? Or is it something that emerges
>>> automatically when one uses audit logging? What happens if you don't create
>>> a catalog?
>>> 
>>> Hope this is useful,
>>> Remko
>>> 
>>> 
>>> On Mon, Feb 5, 2018 at 2:35 PM, Ralph Goers <ralph.go...@dslextreme.com>
>>> wrote:
>>> 
>>>> Well I have good news and bad news. The bad news is that I forgot my wife
>>>> and I were having people over for the super bowl so I didn’t have as much
>>>> time as I had hoped and I wasn’t able to run the Log4j 2.11.0 release 
>>>> build.
>>>> 
>>>> The good news is that I think Log4j Audit V1.0 is about ready for a
>>>> release. I have published the web site at https://rgoers.github.io/log4j
>>>> -audit/index.html <https://rgoers.github.io/log4j-audit/index.html>.
>>>> Some parts of the site will have problems since it hasn’t been released but
>>>> I hope you could take a look at it and review it before a release vote is
>>>> attempted.
>>>> 
>>>> You should also feel free to ask me questions here, but if it isn’t clear
>>>> then I expect the web site needs more work.
>>>> 
>>>> Ralph
>>> 
>>> 
>>> 
> 

Reply via email to