Module logging 

Operational logging facility (PR-5 of issue #487).

Routes the binary’s existing tracing::info! / tracing::warn! / tracing::error! call sites through a rotating, on-disk file appender so operators can ingest server logs into Splunk, Datadog, Loki, etc.

Default-OFF. Without a [logging] block in config.toml the daemon keeps the legacy tracing-subscriber::fmt setup that writes to stderr. Enabling file logging is opt-in:

[logging]
enabled = true
path = "~/.local/state/ai-memory/logs/"
max_size_mb = 100
max_files = 30
retention_days = 90
structured = false
level = "info"

See docs/security/audit-trail.md for the SIEM ingestion guide.

Functions

build_appender

Build the rolling file appender with the rotation policy from cfg. Defaults to daily rotation with max_files retained on disk.

init_file_logging

Initialise the file logging facility. Returns a WorkerGuard that the caller MUST keep alive for the lifetime of the process — when dropped it flushes the in-memory buffer to disk. Returns None when logging is disabled.

resolve_log_dir

Resolve the configured log directory honouring the user-mandated precedence ladder: CLI > env (AI_MEMORY_LOG_DIR) > [logging] path in config > platform default. The cfg-only entry point is kept for callers that don’t have a CLI override; subcommand wiring uses resolve_log_dir_with_override directly.

resolve_log_dir_with_override

Strict version: returns the log_paths::ResolvedDir so callers can surface the resolution layer in error messages, and propagates the world-writable-refusal error.