Log Entry

Log entries exist only as transient console output or files on individual server disks. When a developer needs to debug an issue, they SSH into the suspected server and run 'tail -f' on whatever log file they think is relevant. There is no shared understanding of what gets logged, where log files live, or what format they follow. 'Check the logs' means something different to every engineer on the team.

None — AI cannot analyze log entries because they exist only as ephemeral text streams on individual machines with no consistent format or centralized access.

Log entries are shipped to a central aggregator like CloudWatch or a shared ELK stack, but every service logs differently. The payments service uses JSON with camelCase keys. The auth service logs plain text with pipe delimiters. The legacy monolith outputs multi-line Java stack traces with no structured fields. Searching across services requires knowing each service's log format and writing custom queries for each.

AI could search log entries by keyword or timestamp within a single service's format, but cannot reliably correlate log entries across services because field names, formats, and severity conventions are inconsistent.

Log entries follow a documented standard: JSON format, consistent field names (timestamp, service, level, message, requestId), and a shared severity taxonomy. Most services use the approved logging library. Engineers can search across services in Datadog or Splunk with consistent filters. However, log entry context varies — some services include rich metadata (userId, tenantId, traceId) while others include only the minimum fields.

AI can search and filter log entries across services using consistent fields, generate basic alerts from log patterns, and correlate log entries by requestId. Cannot perform deep contextual analysis because the metadata richness varies widely between services.

Log entries are comprehensive, structured records with mandatory contextual fields. Every log entry includes service name, environment, severity, trace ID, span ID, user ID, tenant ID, and resource identifiers. The logging schema is enforced at the library level — services that try to log without required fields get compile-time or initialization errors. An engineer can query 'show me all ERROR log entries for tenant X across all services in the last hour' and get complete, consistent results.

AI can perform cross-service root cause analysis by tracing log entries through request chains, correlate error patterns across tenants and services, and generate incident summaries from log entry streams. Cannot yet auto-classify previously unseen error patterns because log entries lack semantic categorization.

Log entries are formally typed events in an observability ontology. Each log entry carries validated relationships to the emitting service, the request trace, the affected tenant, the deployment version, and the infrastructure component. Error log entries include taxonomy codes from a machine-readable error classification system. An AI agent can ask 'show me all payment-domain error log entries that correlate with the 2pm deployment of billing-service v3.2.1 and affected enterprise-tier tenants' and get a precise, structured answer.

AI can autonomously triage incoming log entries, classify error patterns against the known taxonomy, correlate with deployment and infrastructure events, and draft incident reports — all without human interpretation of raw log text.

Log entries are self-describing, semantically rich events that carry their full context. Each log entry includes not just what happened, but why it matters — customer impact classification, related business transactions, and links to the code path that generated it. The logging system generates contextual annotations automatically from the service mesh, feature flag state, and deployment metadata. A log entry is not just a debug record — it is a complete operational event with full provenance.

Can autonomously interpret any log entry in full business and technical context, detect novel failure patterns, predict downstream impact, and initiate remediation — all from the self-contained semantic richness of the log entry itself.

Ceiling of the CMC framework for this dimension.