plugin/log/README.md

# log

## Name

*log* - enables query logging to standard output.

## Description

By just using *log* you dump all queries (and parts for the reply) on standard output. Options exist
to tweak the output a little. Note that for busy servers logging will incur a performance hit.

Enabling or disabling the *log* plugin only affects the query logging, any other logging from
CoreDNS will show up regardless.

## Syntax

~~~ txt
log
~~~

With no arguments, a query log entry is written to *stdout* in the common log format for all requests.
Or if you want/need slightly more control:

~~~ txt
log [NAMES...] [FORMAT]
~~~

* `NAMES` is the name list to match in order to be logged
* `FORMAT` is the log format to use (default is Common Log Format), `{common}` is used as a shortcut
  for the Common Log Format. You can also use `{combined}` for a format that adds the query opcode
  `{>opcode}` to the Common Log Format.

You can further specify the classes of responses that get logged:

~~~ txt
log [NAMES...] [FORMAT] {
    class CLASSES...
}
~~~

* `CLASSES` is a space-separated list of classes of responses that should be logged

The classes of responses have the following meaning:

* `success`: successful response
* `denial`: either NXDOMAIN or nodata responses (Name exists, type does not). A nodata response
   sets the return code to NOERROR.
* `error`: SERVFAIL, NOTIMP, REFUSED, etc. Anything that indicates the remote server is not willing to
  resolve the request.
* `all`: the default - nothing is specified. Using of this class means that all messages will be
  logged whatever we mix together with "all".

If no class is specified, it defaults to `all`.

## Log Format

You can specify a custom log format with any placeholder values. Log supports both request and
response placeholders.

The following place holders are supported:

* `{type}`: qtype of the request
* `{name}`: qname of the request
* `{class}`: qclass of the request
* `{proto}`: protocol used (tcp or udp)
* `{remote}`: client's IP address, for IPv6 addresses these are enclosed in brackets: `[::1]`
* `{local}`: server's IP address, for IPv6 addresses these are enclosed in brackets: `[::1]`
* `{size}`: request size in bytes
* `{port}`: client's port
* `{duration}`: response duration
* `{rcode}`: response RCODE
* `{rsize}`: raw (uncompressed), response size (a client may receive a smaller response)
* `{>rflags}`: response flags, each set flag will be displayed, e.g. "aa, tc". This includes the qr
  bit as well
* `{>bufsize}`: the EDNS0 buffer size advertised in the query
* `{>do}`: is the EDNS0 DO (DNSSEC OK) bit set in the query
* `{>id}`: query ID
* `{>opcode}`: query OPCODE
* `{common}`: the default Common Log Format.
* `{combined}`: the Common Log Format with the query opcode.
* `{/LABEL}`: any metadata label is accepted as a place holder if it is enclosed between `{/` and
  `}`, the place holder will be replaced by the corresponding metadata value or the default value
  `-` if label is not defined. See the *metadata* plugin for more information.

The default Common Log Format is:

~~~ txt
`{remote}:{port} - {>id} "{type} {class} {name} {proto} {size} {>do} {>bufsize}" {rcode} {>rflags} {rsize} {duration}`
~~~

Each of these logs will be outputted with `log.Infof`, so a typical example looks like this:

~~~ txt
[INFO] [::1]:50759 - 29008 "A IN example.org. udp 41 false 4096" NOERROR qr,rd,ra,ad 68 0.037990251s
~~~

## Additional metadata

The log plugin adds the following metadata to allow for granular differentiation of NOERROR denial vs success messages. These are mapped from `plugin/pkg/response/classify.go` and `plugin/pkg/response/typify.go`.

* `{/log/class}`: success, denial
* `{/log/type}`: NODATA, NXDOMAIN, NOERROR

~~~ corefile
. {
    log . "{proto} Request: {name} {type} {/log/class} {/log/type}"
}
~~~

## Examples

Log all requests to stdout

~~~ corefile
. {
    log
    whoami
}
~~~

Custom log format, for all zones (`.`)

~~~ corefile
. {
    log . "{proto} Request: {name} {type} {>id}"
}
~~~

Only log denials (NXDOMAIN and nodata) for example.org (and below)

~~~ corefile
. {
    log example.org {
        class denial
    }
}
~~~

Log all queries which were not resolved successfully in the Combined Log Format.

~~~ corefile
. {
    log . {combined} {
        class denial error
    }
}
~~~

Log all queries on which we did not get errors

~~~ corefile
. {
    log . {
        class denial success
    }
}
~~~

Also the multiple statements can be OR-ed, for example, we can rewrite the above case as following:

~~~ corefile
. {
    log . {
        class denial
        class success
    }
}
~~~
Errors directive testing and fixing Drop a few tests and make it work and compile. Also add the documentation: errors.md 2016-03-19 12:58:08 +00:00			`# log`
Fix middleware log 2016-03-19 11:16:08 +00:00
Manual pages (#1346) * Add manual pages Generate manual pages from the README and extend README with Name and Description sections. The generation requires 'ronn' which may not be available. Just check in all generated manual pages. 2018-01-04 12:53:07 +00:00			`## Name`

			`log - enables query logging to standard output.`

			`## Description`

			`By just using log you dump all queries (and parts for the reply) on standard output. Options exist`
docs: update README and log plugin (#3602) README: remove the logo thing as we stopped doing that log: remote the lines about the clock output as that's gone as well and discuss the query log vs other logging a bit. Signed-off-by: Miek Gieben <miek@miek.nl> 2020-01-17 16:16:29 +01:00			`to tweak the output a little. Note that for busy servers logging will incur a performance hit.`
Manual pages (#1346) * Add manual pages Generate manual pages from the README and extend README with Name and Description sections. The generation requires 'ronn' which may not be available. Just check in all generated manual pages. 2018-01-04 12:53:07 +00:00
docs: update README and log plugin (#3602) README: remove the logo thing as we stopped doing that log: remote the lines about the clock output as that's gone as well and discuss the query log vs other logging a bit. Signed-off-by: Miek Gieben <miek@miek.nl> 2020-01-17 16:16:29 +01:00			`Enabling or disabling the log plugin only affects the query logging, any other logging from`
			`CoreDNS will show up regardless.`
Fix middleware log 2016-03-19 11:16:08 +00:00
			`## Syntax`

middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00			`~~~ txt`
Fix middleware log 2016-03-19 11:16:08 +00:00			`log`
			`~~~`

docs: update README and log plugin (#3602) README: remove the logo thing as we stopped doing that log: remote the lines about the clock output as that's gone as well and discuss the query log vs other logging a bit. Signed-off-by: Miek Gieben <miek@miek.nl> 2020-01-17 16:16:29 +01:00			`With no arguments, a query log entry is written to stdout in the common log format for all requests.`
doc update (#1140) * doc update Go through all README and fix mistakes, extend example and let more corefile snippets be test for validity. * Cant use spefic addr in test 2017-10-10 09:39:35 +02:00			`Or if you want/need slightly more control:`
Fix middleware log 2016-03-19 11:16:08 +00:00
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00			`~~~ txt`
plugin/log: support multi nameScope (#2420) 2019-01-08 15:40:50 +08:00			`log [NAMES...] [FORMAT]`
Fix middleware log 2016-03-19 11:16:08 +00:00			`~~~`

plugin/log: support multi nameScope (#2420) 2019-01-08 15:40:50 +08:00			* `NAMES` is the name list to match in order to be logged
plugin/log: detail {combined} and {common} (#2422) These can be used (and are handy), document them. Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-04 19:39:02 +00:00			* `FORMAT` is the log format to use (default is Common Log Format), `{common}` is used as a shortcut
			for the Common Log Format. You can also use `{combined}` for a format that adds the query opcode
			`{>opcode}` to the Common Log Format.
Fix middleware log 2016-03-19 11:16:08 +00:00
fix readme.md of log plugin (#1668) 2018-04-11 21:07:10 +03:00			`You can further specify the classes of responses that get logged:`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00
			`~~~ txt`
plugin/log: support multi nameScope (#2420) 2019-01-08 15:40:50 +08:00			`log [NAMES...] [FORMAT] {`
fix readme.md of log plugin (#1668) 2018-04-11 21:07:10 +03:00			`class CLASSES...`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00			`}`
			`~~~`

fix readme.md of log plugin (#1668) 2018-04-11 21:07:10 +03:00			* `CLASSES` is a space-separated list of classes of responses that should be logged

			`The classes of responses have the following meaning:`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00
			* `success`: successful response
plugin/log: update nodata/NXDOMAIN story a bit (#2416) * plugin/log: update nodata/NXDOMAIN story a bit Add more words on nodata and NXDOMAIN which is a confusing DNS "feature" Fixes: #2412 Signed-off-by: Miek Gieben <miek@miek.nl> * typos Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-05 16:33:27 +00:00			* `denial`: either NXDOMAIN or nodata responses (Name exists, type does not). A nodata response
			`sets the return code to NOERROR.`
middleware/log cleanup readme (#413) 2016-11-09 13:02:06 +00:00			* `error`: SERVFAIL, NOTIMP, REFUSED, etc. Anything that indicates the remote server is not willing to
docs: update README and log plugin (#3602) README: remove the logo thing as we stopped doing that log: remote the lines about the clock output as that's gone as well and discuss the query log vs other logging a bit. Signed-off-by: Miek Gieben <miek@miek.nl> 2020-01-17 16:16:29 +01:00			`resolve the request.`
plugin/log: detail {combined} and {common} (#2422) These can be used (and are handy), document them. Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-04 19:39:02 +00:00			* `all`: the default - nothing is specified. Using of this class means that all messages will be
			`logged whatever we mix together with "all".`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00
docs: update README and log plugin (#3602) README: remove the logo thing as we stopped doing that log: remote the lines about the clock output as that's gone as well and discuss the query log vs other logging a bit. Signed-off-by: Miek Gieben <miek@miek.nl> 2020-01-17 16:16:29 +01:00			If no class is specified, it defaults to `all`.
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00
Fix middleware log 2016-03-19 11:16:08 +00:00			`## Log Format`

Document log replacements Rename latency to duration. 2016-04-03 17:05:16 +01:00			`You can specify a custom log format with any placeholder values. Log supports both request and`
			`response placeholders.`

			`The following place holders are supported:`

mw/logs: add rflags to logging (#845) Add the DNS message response flags as {rflags} to the default logging Also complete the replacer testing that is was commented out. And (unrelated) Switch erratic and whoami to ease testing. Note: {flags} could and should be added as well - but we can leave that as a beginners bug. 2017-08-07 03:49:40 -07:00			* `{type}`: qtype of the request
			* `{name}`: qname of the request
			* `{class}`: qclass of the request
			* `{proto}`: protocol used (tcp or udp)
plugin/log: log remote port addr as well (#1573) Log the remote's port, for IPv6 addr this means we should enclose the v6 address in brackets; make this the default for 'remote'. 2018-02-28 18:15:12 -08:00			* `{remote}`: client's IP address, for IPv6 addresses these are enclosed in brackets: `[::1]`
plugin/log - Support for Metadata (#2251) * - add metadata support to Log * - adapt ctx after rebase 2018-11-13 14:20:49 -05:00			* `{local}`: server's IP address, for IPv6 addresses these are enclosed in brackets: `[::1]`
mw/logs: add rflags to logging (#845) Add the DNS message response flags as {rflags} to the default logging Also complete the replacer testing that is was commented out. And (unrelated) Switch erratic and whoami to ease testing. Note: {flags} could and should be added as well - but we can leave that as a beginners bug. 2017-08-07 03:49:40 -07:00			* `{size}`: request size in bytes
			* `{port}`: client's port
			* `{duration}`: response duration
			* `{rcode}`: response RCODE
plugin/log: explain the {size} better (#2269) This is now the raw size which may be larger than what a particular client actually sees. Clarify this a bit. Fixes #2258 Signed-off-by: Miek Gieben <miek@miek.nl> 2018-11-03 18:58:15 +00:00			* `{rsize}`: raw (uncompressed), response size (a client may receive a smaller response)
mw/logs: add rflags to logging (#845) Add the DNS message response flags as {rflags} to the default logging Also complete the replacer testing that is was commented out. And (unrelated) Switch erratic and whoami to ease testing. Note: {flags} could and should be added as well - but we can leave that as a beginners bug. 2017-08-07 03:49:40 -07:00			* `{>rflags}`: response flags, each set flag will be displayed, e.g. "aa, tc". This includes the qr
plugin/log: explain the {size} better (#2269) This is now the raw size which may be larger than what a particular client actually sees. Clarify this a bit. Fixes #2258 Signed-off-by: Miek Gieben <miek@miek.nl> 2018-11-03 18:58:15 +00:00			`bit as well`
mw/logs: add rflags to logging (#845) Add the DNS message response flags as {rflags} to the default logging Also complete the replacer testing that is was commented out. And (unrelated) Switch erratic and whoami to ease testing. Note: {flags} could and should be added as well - but we can leave that as a beginners bug. 2017-08-07 03:49:40 -07:00			* `{>bufsize}`: the EDNS0 buffer size advertised in the query
			* `{>do}`: is the EDNS0 DO (DNSSEC OK) bit set in the query
Document log replacements Rename latency to duration. 2016-04-03 17:05:16 +01:00			* `{>id}`: query ID
mw/logs: add rflags to logging (#845) Add the DNS message response flags as {rflags} to the default logging Also complete the replacer testing that is was commented out. And (unrelated) Switch erratic and whoami to ease testing. Note: {flags} could and should be added as well - but we can leave that as a beginners bug. 2017-08-07 03:49:40 -07:00			* `{>opcode}`: query OPCODE
plugin/log: detail {combined} and {common} (#2422) These can be used (and are handy), document them. Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-04 19:39:02 +00:00			* `{common}`: the default Common Log Format.
			* `{combined}`: the Common Log Format with the query opcode.
plugin/log: update nodata/NXDOMAIN story a bit (#2416) * plugin/log: update nodata/NXDOMAIN story a bit Add more words on nodata and NXDOMAIN which is a confusing DNS "feature" Fixes: #2412 Signed-off-by: Miek Gieben <miek@miek.nl> * typos Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-05 16:33:27 +00:00			* `{/LABEL}`: any metadata label is accepted as a place holder if it is enclosed between `{/` and
			`}`, the place holder will be replaced by the corresponding metadata value or the default value
			`-` if label is not defined. See the metadata plugin for more information.
Document log replacements Rename latency to duration. 2016-04-03 17:05:16 +01:00
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00			`The default Common Log Format is:`

			`~~~ txt`
logging: unify pkg/log and plugin/log (#2245) Default to using pkg/log for all logging and use a fixed time prefix which is RFC3339Millli (doesn't exist in time, so we just extended RFC3339), i.e. Nano might be pushing it. Logs go from: 2018/10/30 19:14:55 [INFO] CoreDNS-1.2.5 2018/10/30 19:14:55 [INFO] linux/amd64, go1.11, to: 2018-10-30T19:10:07.547Z [INFO] CoreDNS-1.2.5 2018-10-30T19:10:07.547Z [INFO] linux/amd64, go1.11, Which includes the timezone - which oddly the std log package doesn't natively do. Signed-off-by: Miek Gieben <miek@miek.nl> 2018-10-31 21:32:23 +00:00			`{remote}:{port} - {>id} "{type} {class} {name} {proto} {size} {>do} {>bufsize}" {rcode} {>rflags} {rsize} {duration}`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00			`~~~`
Fix middleware log 2016-03-19 11:16:08 +00:00
logging: unify pkg/log and plugin/log (#2245) Default to using pkg/log for all logging and use a fixed time prefix which is RFC3339Millli (doesn't exist in time, so we just extended RFC3339), i.e. Nano might be pushing it. Logs go from: 2018/10/30 19:14:55 [INFO] CoreDNS-1.2.5 2018/10/30 19:14:55 [INFO] linux/amd64, go1.11, to: 2018-10-30T19:10:07.547Z [INFO] CoreDNS-1.2.5 2018-10-30T19:10:07.547Z [INFO] linux/amd64, go1.11, Which includes the timezone - which oddly the std log package doesn't natively do. Signed-off-by: Miek Gieben <miek@miek.nl> 2018-10-31 21:32:23 +00:00			Each of these logs will be outputted with `log.Infof`, so a typical example looks like this:

			`~~~ txt`
update doc to not use the root zone for everything (#3288) Update all documentation in the tree to use example.org as an example configuration (in so far possible). As to get out of the just use "." and fallthrough and things would be fine. Signed-off-by: Miek Gieben <miek@miek.nl> 2019-09-19 14:17:53 +01:00			`[INFO] [::1]:50759 - 29008 "A IN example.org. udp 41 false 4096" NOERROR qr,rd,ra,ad 68 0.037990251s`
plugin/log: fix closing of codeblock (#4680) This fixes the rendering of this README as html. The codeblock was closed with 4 ~, should be 3. Signed-off-by: Miek Gieben <miek@miek.nl> 2021-06-08 16:33:15 +02:00			`~~~`
logging: unify pkg/log and plugin/log (#2245) Default to using pkg/log for all logging and use a fixed time prefix which is RFC3339Millli (doesn't exist in time, so we just extended RFC3339), i.e. Nano might be pushing it. Logs go from: 2018/10/30 19:14:55 [INFO] CoreDNS-1.2.5 2018/10/30 19:14:55 [INFO] linux/amd64, go1.11, to: 2018-10-30T19:10:07.547Z [INFO] CoreDNS-1.2.5 2018-10-30T19:10:07.547Z [INFO] linux/amd64, go1.11, Which includes the timezone - which oddly the std log package doesn't natively do. Signed-off-by: Miek Gieben <miek@miek.nl> 2018-10-31 21:32:23 +00:00
Add metadata for response Type and Class to Log. (#7806) 2026-01-26 08:03:03 -08:00			`## Additional metadata`

			The log plugin adds the following metadata to allow for granular differentiation of NOERROR denial vs success messages. These are mapped from `plugin/pkg/response/classify.go` and `plugin/pkg/response/typify.go`.

			* `{/log/class}`: success, denial
			* `{/log/type}`: NODATA, NXDOMAIN, NOERROR

			`~~~ corefile`
			`. {`
			`log . "{proto} Request: {name} {type} {/log/class} {/log/type}"`
			`}`
			`~~~`

Fix middleware log 2016-03-19 11:16:08 +00:00			`## Examples`

middleware/{log,errors}: output everything to stdout (#684) Limit the options in both errors and log middleware, just output to stdout and let someone else (journald,docker) care about where to route the logs. This removes syslog and logging to a file. Fixes #573 #602 2017-05-31 20:28:53 +01:00			`Log all requests to stdout`
Fix middleware log 2016-03-19 11:16:08 +00:00
doc update (#1140) * doc update Go through all README and fix mistakes, extend example and let more corefile snippets be test for validity. * Cant use spefic addr in test 2017-10-10 09:39:35 +02:00			`~~~ corefile`
			`. {`
			`log`
			`whoami`
			`}`
Fix middleware log 2016-03-19 11:16:08 +00:00			`~~~`

middleware/{log,errors}: output everything to stdout (#684) Limit the options in both errors and log middleware, just output to stdout and let someone else (journald,docker) care about where to route the logs. This removes syslog and logging to a file. Fixes #573 #602 2017-05-31 20:28:53 +01:00			Custom log format, for all zones (`.`)
Fix middleware log 2016-03-19 11:16:08 +00:00
doc update (#1140) * doc update Go through all README and fix mistakes, extend example and let more corefile snippets be test for validity. * Cant use spefic addr in test 2017-10-10 09:39:35 +02:00			`~~~ corefile`
			`. {`
plugin/log: remove need to specify stdout (#1221) * plugin/log: remove need to specify stdout Since log will only be output to stdout is doesn't make sense to specify it in Corefile. Fixes: #1218 * fixup! plugin/log: remove need to specify stdout 2017-11-13 10:23:27 +01:00			`log . "{proto} Request: {name} {type} {>id}"`
doc update (#1140) * doc update Go through all README and fix mistakes, extend example and let more corefile snippets be test for validity. * Cant use spefic addr in test 2017-10-10 09:39:35 +02:00			`}`
Fix middleware log 2016-03-19 11:16:08 +00:00			`~~~`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00
plugin/log: update nodata/NXDOMAIN story a bit (#2416) * plugin/log: update nodata/NXDOMAIN story a bit Add more words on nodata and NXDOMAIN which is a confusing DNS "feature" Fixes: #2412 Signed-off-by: Miek Gieben <miek@miek.nl> * typos Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-05 16:33:27 +00:00			`Only log denials (NXDOMAIN and nodata) for example.org (and below)`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00
doc update (#1140) * doc update Go through all README and fix mistakes, extend example and let more corefile snippets be test for validity. * Cant use spefic addr in test 2017-10-10 09:39:35 +02:00			`~~~ corefile`
			`. {`
plugin/log: remove need to specify stdout (#1221) * plugin/log: remove need to specify stdout Since log will only be output to stdout is doesn't make sense to specify it in Corefile. Fixes: #1218 * fixup! plugin/log: remove need to specify stdout 2017-11-13 10:23:27 +01:00			`log example.org {`
doc update (#1140) * doc update Go through all README and fix mistakes, extend example and let more corefile snippets be test for validity. * Cant use spefic addr in test 2017-10-10 09:39:35 +02:00			`class denial`
			`}`
middleware/log: allows logging based on response classes (#325) Add the ability to add a class of responses to be logged; success, denial or error. The default is to log everything (all). Fixes #258 2016-10-10 12:09:29 +01:00			`}`
			`~~~`
fix readme.md of log plugin (#1668) 2018-04-11 21:07:10 +03:00
plugin/log: detail {combined} and {common} (#2422) These can be used (and are handy), document them. Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-04 19:39:02 +00:00			`Log all queries which were not resolved successfully in the Combined Log Format.`
fix readme.md of log plugin (#1668) 2018-04-11 21:07:10 +03:00
			`~~~ corefile`
			`. {`
plugin/log: detail {combined} and {common} (#2422) These can be used (and are handy), document them. Signed-off-by: Miek Gieben <miek@miek.nl> 2019-01-04 19:39:02 +00:00			`log . {combined} {`
fix readme.md of log plugin (#1668) 2018-04-11 21:07:10 +03:00			`class denial error`
			`}`
			`}`
			`~~~`

			`Log all queries on which we did not get errors`

			`~~~ corefile`
			`. {`
			`log . {`
			`class denial success`
			`}`
			`}`
			`~~~`

			`Also the multiple statements can be OR-ed, for example, we can rewrite the above case as following:`

			`~~~ corefile`
			`. {`
			`log . {`
			`class denial`
			`class success`
			`}`
			`}`
			`~~~`