Serilog
Structured logging library for .NET — captures rich log events with properties instead of plain text strings, enabling powerful log querying in downstream sinks. Serilog features: property capture (Log.Information("Agent {AgentId} completed task {TaskId} in {Duration}ms", id, taskId, ms)), enrichers (add machine name, thread ID, user to all logs), sinks (write to Console, File, Seq, Elasticsearch, Application Insights, Datadog, Splunk), minimum level configuration, and filter expressions. Log.ForContext<AgentService>() creates contextual loggers. ASP.NET Core integration via UseSerilog() replaces default logging. Serilog.Settings.Configuration reads from appsettings.json. The standard structured logging library for .NET agent services.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
CRITICAL: Serilog structured logging can expose sensitive agent data — use IDestructuringPolicy to redact API keys, tokens, and PII from agent log properties. Never log agent credentials. Sink TLS configuration: Seq requires HTTPS in production; cloud sinks (Datadog, Splunk) default to TLS. Apply minimum retention policies on log storage for GDPR compliance.
⚡ Reliability
Best When
You're building a .NET agent service that needs structured, queryable logs across multiple outputs (console, file, Seq, Datadog) — Serilog's property capture and sink ecosystem is the gold standard for .NET observability.
Avoid When
You need performance counters/metrics (use Prometheus), distributed tracing (use OpenTelemetry), or your .NET app already has Microsoft.Extensions.Logging wired everywhere (can still use Serilog as provider).
Use Cases
- • Structured agent service logging — Log.Information("Agent {AgentId} started task {TaskType} with {ToolCount} tools", agent.Id, task.Type, tools.Count) captures searchable properties vs Log.Information("Agent started task") plain text
- • Multi-sink agent observability — WriteTo.Console().WriteTo.Seq("http://seq:5341").WriteTo.File("logs/agent.log") sends structured agent logs to console, Seq dashboard, and file simultaneously
- • Request correlation for agent API — Log.ForContext("CorrelationId", correlationId).Information("Agent API request {Method} {Path}") adds correlation ID to all agent request logs for distributed trace correlation
- • Agent error tracking with enrichment — LogContext.PushProperty("AgentId", agent.Id) enriches all subsequent logs in agent request scope; catches unhandled exceptions with full agent context for incident investigation
- • Minimum level override by namespace — MinimumLevel.Override("Microsoft.AspNetCore", LogEventLevel.Warning) suppresses noisy ASP.NET logs while keeping agent service logs at Debug level in development
Not For
- • High-frequency metrics — Serilog is for log events, not counters/gauges; logging 100k agent events/second exhausts I/O; use Prometheus/Micrometer for agent performance metrics
- • Distributed tracing — Serilog logs events but doesn't track distributed agent request flows across services; use OpenTelemetry with Serilog as one telemetry output for agent distributed tracing
- • Audit logs requiring tamper-proof storage — Serilog writes to configurable sinks; for agent compliance audit trails requiring immutability, route audit events to dedicated immutable storage alongside Serilog
Interface
Authentication
Serilog itself has no auth. Individual sinks may require auth: Seq API key, Datadog API key, Elasticsearch credentials configured in sink options.
Pricing
Serilog is Apache 2.0 licensed. Log sinks (Seq, Datadog) have separate pricing for their hosted services.
Agent Metadata
Known Gotchas
- ⚠ Log.CloseAndFlush() must be called on app shutdown — Serilog buffers log events; without Log.CloseAndFlush() or await Log.CloseAndFlushAsync() in Main() finally block, last agent log events before process exit are lost; critical for capturing agent shutdown/crash logs
- ⚠ Property destructuring requires @ prefix — Log.Information("Agent: {Agent}", agent) logs agent.ToString(); Log.Information("Agent: {@Agent}", agent) destructures object to JSON properties; without @ prefix, agent object properties are not searchable in Seq/Elasticsearch; use @ for agent model logging
- ⚠ Serilog replaces but doesn't automatically integrate ILogger — calling UseSerilog() in Program.cs replaces ILoggerFactory; existing services using ILogger<T> work via Microsoft.Extensions.Logging bridge; but Log.ForContext() static API is separate from injected ILogger; pick one API style for agent service consistency
- ⚠ Minimum level filtering happens before sinks — MinimumLevel.Information() globally filters before any sink receives events; Debug/Verbose agent logs set globally can overwhelm low-cost sinks; use per-sink minimum level: WriteTo.Seq(minimumLevel: LogEventLevel.Warning) for expensive cloud sinks
- ⚠ Async sink requires buffer size tuning — WriteTo.Async(a => a.File('logs/agent.log'), bufferSize: 10000) buffers events in memory; default buffer is 10k events; high-burst agent logging exceeds buffer causing BlockWhenFull behavior or silent drop depending on blockWhenFull setting; size buffer for expected agent log burst volume
- ⚠ Destructured sensitive data ends up in logs — {@Agent} logs ALL properties including agent.ApiKey, agent.Password; use Serilog.Destructurators or custom IDestructuringPolicy to redact sensitive agent properties before logging; never log raw agent credentials or PII
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for Serilog.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-07.