Logging in Code
Logging is the practice of emitting a durable, timestamped, structured record of what a trading program does and decides, using severity levels and correlation ids, so that live behaviour can be monitored, audited and debugged after the fact, which print statements cannot provide.
Quick answer: Logging is the practice of emitting a durable, timestamped, structured record of what a trading program does and decides, using severity levels and correlation ids, so that live behaviour can be monitored, audited and debugged after the fact, which print statements cannot provide.
In simple words
Logging means having your program write down what it is doing, with a timestamp and a severity, to a file or a logging system, so you can see what happened later. In trading this is essential: when an order behaves unexpectedly, the logs are often the only record of what your code saw and decided at that moment. A proper logging library, unlike scattered print statements, gives you levels, structure and control over where the records go.
Purpose
Logging exists so that an automated, unattended trading system leaves an auditable trail of its inputs, decisions and actions, enabling monitoring in real time and reconstruction of events after an incident.
Professional explanation
Why logging, not print
A print statement writes a string to standard output and is gone; it has no severity, no timestamp by default, no structure, no way to route or filter, and it clutters code you then have to remove. A logging framework is purpose-built: it attaches a timestamp and severity to every record, lets you set a threshold so debug detail can be suppressed in production, and can send records to multiple destinations (console, rotating files, a central log system) at once. In an unattended trading system that must run for hours and be understood after the fact, this is not a nicety, the logs are frequently the only evidence of what the code perceived and decided when something went wrong, so treating logging as core infrastructure rather than debugging scaffolding is essential.
Log levels and their discipline
Standard severity levels, typically DEBUG, INFO, WARNING, ERROR and CRITICAL, let one codebase emit both fine-grained detail and high-level events, with a runtime threshold deciding what is actually recorded. DEBUG carries verbose internal detail useful in development; INFO records normal significant events (a signal generated, an order placed and filled); WARNING flags recoverable anomalies (a retried API call, a stale-but-usable quote); ERROR marks a failed operation (an order rejected); CRITICAL marks a system-threatening condition (data feed down, risk limit breached, kill switch fired). The discipline is to choose levels consistently so that filtering to WARNING and above in production surfaces exactly what needs attention without drowning in noise, and so alerts can be wired to ERROR and CRITICAL.
Structured logging
Traditional logs are free-text lines that are easy for a human to read but painful for a machine to search and aggregate. Structured logging emits each record as key-value data (commonly JSON) with named fields, timestamp, level, event, symbol, order_id, quantity, price, latency, rather than a formatted sentence. The payoff is that logs become queryable: you can filter every event for a given order_id, aggregate fills by symbol, or compute the distribution of decision-to-fill latency, which is impossible with unstructured text at scale. For a trading system feeding a monitoring stack, structured logs are what make dashboards, alerts and post-incident analysis tractable.
Correlation ids: tracing one decision end to end
A single trading decision fans out across components, a tick arrives, a signal is computed, risk checks run, an order is sent, acknowledgements and fills return, possibly across services and threads. A correlation id (a unique identifier attached to all log records arising from the same originating event or order) lets you reconstruct that entire chain by filtering on one id, even when the records are interleaved with thousands of others. In a distributed or asynchronous system this is often the only practical way to answer why did this specific order do that, because without a shared id the causally related records are scattered and impossible to stitch together.
What to log in a trading system
The rule of thumb is to log enough to reconstruct any decision and any order's life, without logging so much that the signal drowns or you leak secrets. Log the inputs a decision was based on (the relevant quote or bar and computed indicators), the decision itself (signal generated, with reasons), every order event (submitted, acknowledged, filled, partially filled, rejected, cancelled, with ids, prices and sizes), risk checks and any veto, errors and retries, and system lifecycle events (start, stop, config loaded, kill switch). Critically, never log secrets, full API keys, tokens or passwords must be redacted, because logs are often less protected than the secret store. Timestamps should be precise and in a consistent zone, and each record should carry enough context (symbol, order id, correlation id) to be meaningful on its own.
Operational concerns: performance, rotation, retention
Logging has costs that matter in a low-latency, always-on system. Synchronous logging on the hot path can add latency and, if a disk stalls, even block trading, so high-throughput systems log asynchronously (a background thread or queue drains records) and avoid excessive DEBUG in production. Log files must be rotated (capped in size and rolled over) so they do not fill the disk and halt the system, and retained for a defined period to satisfy debugging and any audit needs before being archived or deleted. In distributed setups logs are shipped to a central aggregator so they survive a machine failure and can be searched in one place. These concerns are why logging is designed, not bolted on.
Logging framework vs print statements
| Aspect | Logging framework | print() |
|---|---|---|
| Timestamp and severity | Automatic on every record | Manual, usually absent |
| Filtering by level | Yes, at runtime | No |
| Structure / queryable | Yes (structured/JSON) | No, free text |
| Multiple destinations | Console, files, aggregator | Standard output only |
| Rotation and retention | Built in or configurable | None |
| Correlation / context fields | Supported | Manual and fragile |
Practical example
Illustrative example (Indian market)
Suppose a Bank Nifty order fills at a worse price than expected and you need to know why. With structured logging you filter every record carrying that order's correlation id and see, in sequence: the tick and computed z-score that triggered the signal (INFO), the risk check that approved one lot (INFO), the order submitted at 15:07:12.412 (INFO), a WARNING that the first API attempt timed out and was retried, and the fill at 15:07:12.910 nearly half a second later (INFO), explaining the slippage as a retry-induced delay, not a logic bug. Had the code used scattered print statements, these records would be unordered free text with no shared id and no latency detail, and the cause would be far harder to establish. This is an illustrative debugging trail, not a trade recommendation.
For an NSE live system, logging every order event with the broker order id, exchange timestamp and your correlation id makes it possible to reconcile your records against the broker's order and trade book at end of day, and to explain any discrepancy. API keys and access tokens (for example a Kite Connect token) must always be redacted from logs, since log files are commonly less protected than the secrets store.
Advantages
- Creates a durable, timestamped, auditable record of what the system did and decided
- Levels let one codebase emit both detail and high-level events, filtered at runtime
- Structured logs are queryable, powering dashboards, alerts and post-incident analysis
- Correlation ids let you trace one order or decision end to end across components
- Enables end-of-day reconciliation against the broker's order and trade records
Limitations
- Synchronous logging on the hot path can add latency or even block trading if disk stalls
- Over-logging drowns the signal and inflates storage and search cost
- Logs can leak secrets if API keys or tokens are not carefully redacted
- Structured logging and aggregation add setup and operational overhead
- Logs record what the code chose to log; unlogged state remains invisible after the fact
Common mistakes
- Using print statements instead of a logging framework, losing levels, timestamps and structure
- Logging secrets such as full API keys or access tokens into files that are poorly protected
- Logging everything at one level (or all at DEBUG) so nothing can be filtered or alerted on
- Free-text logs with no correlation id, making it impossible to trace one order across components
- Synchronous, verbose logging on the latency-critical path, slowing or stalling execution
- No log rotation, so files grow until the disk fills and the trading process halts
Professional usage
Professional trading systems treat logs as audit-grade infrastructure. They log structured JSON with consistent levels, attach a correlation id to every record arising from an order or decision, and ship logs asynchronously to a central aggregator (an ELK-style stack or equivalent) where they are searched, dashboarded and alerted on. ERROR and CRITICAL events page a human or trip automated controls; secrets are redacted by policy; timestamps are precise and in a fixed zone; and files are rotated and retained per a defined policy for debugging and compliance. The standard they hold is that any order's full lifecycle and the inputs behind any decision can be reconstructed from the logs alone.
Key takeaways
- Logging gives a durable, timestamped, structured record that print statements cannot
- Use severity levels consistently so production can filter to what needs attention and alert on errors
- Structured (key-value/JSON) logs are queryable, enabling dashboards and post-incident analysis
- Attach correlation ids to trace a single order or decision end to end across components
- Never log secrets, rotate and retain files, and log asynchronously off the hot path
Frequently asked questions
Why is logging important in a trading system?
What is the difference between logging and print statements?
What are log levels?
What is structured logging?
What is a correlation id in logging?
What should I log in a trading system?
Should I log API keys or passwords?
Can logging slow down my trading system?
What is log rotation and why does it matter?
How do logs help debug a live trading issue?
What is centralised logging?
How does logging relate to monitoring and alerting?
Is logging part of risk management?
Voice search & related questions
Natural-language questions people ask about Logging in Code.
Why do trading programs need logging?
What is the difference between logging and print?
What are log levels?
What is a correlation id?
Should I log my API key?
What should a trading system log?
Sources & references
Last reviewed 11 July 2026. Educational content only — not investment advice. Markets and rules change; verify current conventions with SEBI, NSE/BSE and your broker.