We're building a logging system for our project. We want to see almost everything as a log, like Docker, application console, etc. Since we're growing up, we do not want to make mistakes about logs (wrong scheme, indexing, querying, etc.).
There are a few questions in my mind:
- After some time, the log file size will grow and be a problem. What should we do about it?
- We want to log user actions, like when they purchase something, or their message logs, etc. For that purpose, what should we do? Should we save their message logs with a timestamp to Elasticsearch?
- We want to analyze everything. Should we use a timestamp for every document?
I'd like to hear your ideas. Thanks!