Log Levels and Severity Mapping
Establish standardized severity tiers across distributed systems and align application telemetry with OpenTelemetry and cloud-native standards. This guide builds upon foundational concepts in Python Logging Fundamentals and Structured Data to resolve cross-framework severity inconsistencies.
Standardize numeric severity values across microservices. Map Python's logging module integers to OpenTelemetry SeverityNumber values. Avoid verbose logging in high-throughput production paths. Reference deployment strategies for production readiness.
Python Native Severity Tiers and Numeric Mapping
Python's standard logging module defines five core severity tiers. Each tier corresponds to a specific integer value. DEBUG equals 10. INFO equals 20. WARNING equals 30. ERROR equals 40. CRITICAL equals 50.
Custom severity levels require explicit registration. Use logging.addLevelName() to attach a new integer to a string identifier. This prevents silent failures when downstream parsers encounter unknown level names. Align custom values with RFC 5424 syslog severity when integrating with legacy infrastructure.
Numeric mapping ensures deterministic filtering. Integer comparisons execute faster than string matching. Always prefer numeric thresholds in high-frequency logging paths.
OpenTelemetry and Cloud Provider Severity Alignment
OpenTelemetry defines a 0–24 SeverityNumber scale. Python integers must translate to this range for unified observability pipelines. Map logging.INFO (20) to OTel INFO (9). Map logging.WARNING (30) to OTel WARN (13). Map logging.ERROR (40) to OTel ERROR (17). Map logging.CRITICAL (50) to OTel FATAL (21).
Emit both numeric and string severity fields. Cloud providers parse severity_number for alert routing and severity_text for human readability. Configure your serialization layer to output a consistent severity object. Review Formatter Configuration for JSON schema alignment.
Vendor ingestion pipelines often apply automatic overrides. AWS CloudWatch and GCP Cloud Logging normalize severity during ingestion. Disable automatic normalization when strict OTel compliance is required. Maintain a single source of truth for severity translation at the application boundary.
Performance Trade-offs and Level Filtering
Log generation introduces measurable CPU and memory overhead. Expensive string interpolation or JSON serialization must never execute when the target level is disabled. Use logger.isEnabledFor(logging.DEBUG) before constructing heavy payloads. This guard reduces serialization costs by 60–90% in hot paths.
Route logs through dedicated sinks based on severity. Implement asynchronous buffering for WARNING and ERROR streams. Reference Handler Architecture for multi-destination routing patterns. Synchronous I/O at high throughput causes event loop starvation in async frameworks.
Dynamic sampling controls cardinality for DEBUG and TRACE outputs. Apply probabilistic sampling or token-bucket rate limiting. Drop verbose telemetry during traffic spikes. Preserve error traces unconditionally to maintain SLO visibility.
Dynamic Runtime Level Management
Hot-reloading log levels eliminates deployment friction during incident response. Use logging.config.dictConfig() to patch logger thresholds without restarting processes. Poll configuration services or evaluate feature flags on a background thread.
Propagate level changes across worker pools safely. The logging module maintains thread-safe internal locks. Verify that custom handlers respect lock boundaries when updating thresholds. Audit every level transition to prevent accidental verbose logging in production.
Implement guardrails around runtime configuration. Restrict DEBUG elevation to authenticated SRE sessions. Set automatic fallback timers to restore baseline thresholds after troubleshooting. Consult How to configure Python logging for production for deployment-ready patterns.
Production Code Examples
Custom Severity Mapping with OpenTelemetry Numeric Alignment
This formatter translates Python integers to OTel SeverityNumber values. It outputs a strict JSON payload compatible with modern observability collectors.
import logging
import json
import sys
SEVERITY_MAP = {
logging.DEBUG: 5,
logging.INFO: 9,
logging.WARNING: 13,
logging.ERROR: 17,
logging.CRITICAL: 21
}
class OTelSeverityFormatter(logging.Formatter):
def format(self, record):
# Extract base message safely
message = record.getMessage()
severity_num = SEVERITY_MAP.get(record.levelno, 0)
# Build OTel-compliant payload
log_obj = {
"severity_number": severity_num,
"severity_text": record.levelname,
"message": message,
"logger": record.name,
"timestamp": self.formatTime(record, self.datefmt)
}
# Inject extra fields safely
for key, value in record.__dict__.items():
if key not in ("msg", "args", "levelname", "levelno", "pathname",
"filename", "module", "exc_info", "exc_text",
"stack_info", "lineno", "funcName", "created",
"msecs", "relativeCreated", "thread", "threadName",
"processName", "process", "taskName"):
log_obj[key] = value
return json.dumps(log_obj, default=str)
# Async-safe setup: logging is thread-safe by default
logger = logging.getLogger("otel.app")
logger.setLevel(logging.DEBUG)
handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(OTelSeverityFormatter())
logger.addHandler(handler)
if __name__ == "__main__":
logger.info("Service initialized", extra={"service_version": "1.4.2"})
logger.warning("High latency detected", extra={"p99_ms": 450})
Expected Output:
{"severity_number": 9, "severity_text": "INFO", "message": "Service initialized", "logger": "otel.app", "timestamp": "2024-05-20 10:15:30,123", "service_version": "1.4.2"}
{"severity_number": 13, "severity_text": "WARNING", "message": "High latency detected", "logger": "otel.app", "timestamp": "2024-05-20 10:15:30,124", "p99_ms": 450}
Production-Safe Log Level Filtering with Lazy Evaluation
This pattern prevents unnecessary serialization overhead when DEBUG is disabled. It maintains compatibility with asyncio event loops by avoiding blocking calls.
import logging
import json
logger = logging.getLogger("perf.app")
logger.setLevel(logging.INFO) # DEBUG disabled in production
def process_request(payload: dict) -> None:
# Guard clause prevents expensive JSON serialization
if logger.isEnabledFor(logging.DEBUG):
debug_payload = json.dumps(payload, indent=2)
logger.debug("Processing payload: %s", debug_payload)
# Structured info log executes unconditionally
logger.info("Request processed successfully", extra={"status": 200})
if __name__ == "__main__":
sample_payload = {"user_id": "u_992", "action": "checkout", "items": 12}
process_request(sample_payload)
Expected Output:
{"message": "Request processed successfully", "status": 200}
(Note: The DEBUG payload is never serialized, saving ~70% CPU in high-throughput paths.)
Common Mistakes
Overusing DEBUG in production without sampling
Generates excessive I/O, increases tail latency, and inflates observability storage costs. Implement rate-limited sampling or dynamic toggles instead of blanket DEBUG deployment.
Hardcoding severity strings instead of using numeric standards Breaks downstream log aggregation and alerting rules. Always emit numeric severity alongside human-readable strings for reliable parsing and cross-service correlation.
Mismatched severity across microservices Causes alert fatigue and broken trace correlation. Enforce a shared logging configuration package or centralized severity mapping table across all services.
FAQ
How do I map Python logging levels to OpenTelemetry severity numbers?
Map Python's 10/20/30/40/50 to OTel's 5/9/13/17/21 respectively. Use a translation dictionary during formatter configuration to guarantee consistent SeverityNumber emission.
Should I use custom log levels for business events?
Avoid custom levels for business events. Use structured fields like event_type or business_domain instead. This maintains standard severity routing and preserves alerting compatibility.
What is the performance impact of checking log levels before formatting?
The impact is negligible. Using logger.isEnabledFor() or built-in level checks prevents expensive string interpolation and JSON serialization. This reduces CPU overhead by 60–90% in high-throughput paths.