The classic iOS way of logging debug messages is to use the built in NSLog method.

NSLog(@"Application Started");

The dissadvantage of this method is that when your application is ready for release, you have to manually remove them. Alternatively, you can include them in if or #ifdef/#endif blocks:

if(DEBUG)
    NSLog(@"Application Started");

An improvement to the above method of debugging is using the following DLog/ALog macros:

#ifdef DEBUG
#   define DLog(fmt, ...) NSLog((@"%s [Line %d] " fmt), __PRETTY_FUNCTION__, __LINE__, ##__VA_ARGS__)
#else
#   define DLog(...)
#endif

// ALog always displays output regardless of the DEBUG setting
#define ALog(fmt, ...) NSLog((@"%s [Line %d] " fmt), __PRETTY_FUNCTION__, __LINE__, ##__VA_ARGS__)

Then sprinkle them in your code:

DLog(@"Application Started");

If you need granular debug levels, one of the best options is the logging framework CocoaLumberjack. Using Cocoapods, it’s only one line of code ™:

pod 'CocoaLumberjack'

Then in your code:

DDLogDebug(@"Will Start Application");
// ...
DDLogInfo(@"Application Started");

Then in your Application.pch or AppDelegate.m you can set the desired log level:

static const int ddLogLevel = DDLogFlagDebug;

One powerfull feature of CocoaLumberjack is that you can define your custom log levels, so you can separate logging of different parts of your project:

[DDLog addLogger:[DDTTYLogger sharedInstance]];

DDLogSync(@"Starting Sync Operation");
DDLogRts(@"Broadcasting Real Time event");

Which then can be enabled or disabled by by setting the corresponding ddLogLevel:

static const int ddLogLevel = DDLogFlagDebug|LOG_FLAG_RTS;

So far, so good. When your friends are testing your app, your logs are saved on the device. If you’d like to access them, you can connect the device to your Mac and explore them in the Window > Devices menu (shift + cmd + 2).

One improuvement to the current setup would be send your logs to the net. For that, we’ll be using two more frameworks Antenna and DDAntennaLogger. Antenna is responsible for shipping the logs to your server, DDAntennaLogger is a custom logger for CocoaLumberjack. Once you plug them together, you’ll be able to have your logs automatically sent to your server.

pod 'CocoaLumberjack'
pod 'Antenna'
pod 'DDAntennaLogger'

Then in your code:

NSURL *logUrl = [NSURL URLWithString:@"http://log.marius.me.uk/log/"];
[[Antenna sharedLogger] addChannelWithURL:logUrl method:@"POST"];
[[Antenna sharedLogger] startLoggingApplicationLifecycleNotifications];

DDAntennaLogger *logger = [[DDAntennaLogger alloc] initWithAntenna:[Antenna sharedLogger]];
[DDLog addLogger:logger];
[DDLog addLogger:[DDTTYLogger sharedInstance]]; // To see them in the Xcode debugger

The server should have this end-point setup. You can save them to file, or db, or forward them to the logger of your choice.

For a node.js based example check out this npm package express-antenna-cocoalumberjack, or check this Ruby Rack middleware rack-http-logger.

npm install express-antenna-cocoalumberjack
export NODE_EXPRESS_ANTENNA_LOG_PATH=/tmp/
node node_modules/express-antenna-cocoalumberjack/app.js
tail -f /tmp/antenna-cocoalumberjack.log

And change the link to the remote logger to:

NSURL *logUrl = [NSURL URLWithString:@"http://yourserver:3205/log/"];
[[Antenna sharedLogger] addChannelWithURL:logUrl method:@"POST"];

There is one more bit to change, switch from http to https.

Now, there are two possible scenarios. The trivial one is when you setup the logger on the same server where you already have a SSL certificate setup (e.g. https://api.yourserver.com) or you own a wildcard SSL certificate. Everything up to this point should work great together.

Now let’s try to use a self signed certificate. Generate a SSL self signed certificate for 10 years:

openssl req -x509 -newkey rsa:2048 -keyout log.marius.me.uk.key \
  -out log.marius.me.uk.cert -days 3560 -nodes

Configure Apache to use that then see what happens.

The other one is when you try to use self-signed certificates, at which point you’ll get the following error message in the logs:

CFNetwork SSLHandshake failed (-9847)
NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9847)

Which pretty much means that your setup is not happy with the self-signed certificate.

Because we’re controlling both the server and the client, we’re able to use SSL pinning to overcome this issue. The basic of SSL pinning is we distribute our public key certificate with the application and configure our logging setup to authenticate using this certificate. TODO: try to add some analogies.

Convert the public key certificate to binary DER:

openssl x509 -in log.marius.me.uk.cert -out log.marius.me.uk.der -outform der

Configure your request operation manager to use the public key certificate, which you already dragged in your project:

- (AFSecurityPolicy*)remoteLoggingSecurityPolicy
{
    NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"log.marius.me.uk"
                                                        ofType:@"cer"];
    NSData *certData = [NSData dataWithContentsOfFile:cerPath];
    AFSecurityPolicy *securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
    [securityPolicy setAllowInvalidCertificates:YES]; // Unfortunate name
    [securityPolicy setPinnedCertificates:@[certData]];
    return securityPolicy;
}

Then you setup your Antenna logger to use a different channel:

AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager manager];
[manager setSecurityPolicy:[self remoteLoggingSecurityPolicy]];

NSURL *logUrl = [NSURL URLWithString:@"https://log.marius.me.uk/log/"];
AntennaHTTPSChannel *httpsChannel =
  [[AntennaHTTPSChannel alloc] initWithURL:logUrl
                                    method:@"POST"
                   requestOperationManager:manager];
[[Antenna sharedLogger] addChannel:httpsChannel];
[[Antenna sharedLogger] startLoggingApplicationLifecycleNotifications];

If your end-point is using authentication, you can set it up in the request operation manager, after setting up the security policy:

NSURLCredential *credential =
    [[NSURLCredential alloc] initWithUser:@"user"
                                 password:@"password"
                              persistence:NSURLCredentialPersistenceSynchronizable];
[manager setCredential:credential];

Now, the earlier error message should dissapear and you should see the logs comming to your server.

If you’re asking, why would you like to send the debug logs to a server, there are several reason. First of them is to get debug info from your beta builds, when your testers are not in the same city as you. Second of them is to corelate data coming to your server, with data sent to your iPad with debug messages from your iPad.

References: