Michael Janke has posted a nice list of “a few semi-random thoughts on application logging”

Machine parseable (yet human readable) format
Single line events
Date/Time stamp
Rational message prioritization
Unique identifiers
Sufficient information to link the logs
Logging of failures
Timeliness
Serialized numbering on log messages

A few things caught my eye (like information disclosure, logs on a compromised system do not have to be presumed tainted, and logging successes is just skipped over) but overall a good read.