diff --git a/apps/jumpserver/settings.py b/apps/jumpserver/settings.py
index cab2806e7..2564064cf 100644
--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -15,8 +15,9 @@ import sys
 
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+PROJECT_DIR = os.path.dirname(BASE_DIR)
 
-sys.path.append(os.path.dirname(BASE_DIR))
+sys.path.append(PROJECT_DIR)
 
 # Import project config setting
 try:
@@ -35,6 +36,10 @@ SECRET_KEY = CONFIG.SECRET_KEY or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = CONFIG.DEBUG or False
 
+
+# LOG LEVEL
+LOG_LEVEL = 'DEBUG' if DEBUG else CONFIG.LOG_LEVEL or 'WARNING'
+
 ALLOWED_HOSTS = CONFIG.ALLOWED_HOSTS or []
 
 # Application definition
@@ -132,6 +137,70 @@ AUTH_PASSWORD_VALIDATORS = [
     },
 ]
 
+# Logging setting
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'formatters': {
+        'verbose': {
+            'format': '%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s'
+        },
+        'main': {
+            'datefmt': '%Y-%m-%d %H:%M:%S',
+            'format': '%(asctime)s [%(module)s %(levelname)s] %(message)s',
+        },
+        'simple': {
+            'format': '%(levelname)s %(message)s'
+        },
+    },
+    'handlers': {
+        'null': {
+            'level': 'DEBUG',
+            'class': 'logging.NullHandler',
+        },
+        'console': {
+            'level': 'DEBUG',
+            'class': 'logging.StreamHandler',
+            'formatter': 'main'
+        },
+        'file': {
+            'level': 'DEBUG',
+            'class': 'logging.FileHandler',
+            'formatter': 'main',
+            'filename': os.path.join(PROJECT_DIR, 'logs', 'jumpserver.log')
+        },
+    },
+    'loggers': {
+        'django': {
+            'handlers': ['null'],
+            'propagate': False,
+            'level': LOG_LEVEL,
+        },
+        'django.request': {
+            'handlers': ['console', 'file'],
+            'level': LOG_LEVEL,
+            'propagate': False,
+        },
+        'django.server': {
+            'handlers': ['console', 'file'],
+            'level': LOG_LEVEL,
+            'propagate': False,
+        },
+        'jumpserver': {
+            'handlers': ['console', 'file'],
+            'level': LOG_LEVEL,
+        },
+        'jumpserver.users.api': {
+            'handlers': ['console', 'file'],
+            'level': LOG_LEVEL,
+        },
+        'jumpserver.users.view': {
+            'handlers': ['console', 'file'],
+            'level': LOG_LEVEL,
+        }
+    }
+}
+
 # Internationalization
 # https://docs.djangoproject.com/en/1.10/topics/i18n/
 
diff --git a/apps/users/api.py b/apps/users/api.py
index bcd635fdb..6e556b64f 100644
--- a/apps/users/api.py
+++ b/apps/users/api.py
@@ -1,6 +1,8 @@
 # ~*~ coding: utf-8 ~*~
 #
 
+import logging
+
 from rest_framework import generics, mixins, status, permissions
 from rest_framework.views import APIView
 from rest_framework.response import Response
@@ -9,6 +11,9 @@ from .serializers import UserSerializer, UserGroupSerializer
 from .models import User, UserGroup
 
 
+logger = logging.getLogger('jumpserver.users.api')
+
+
 class UserListAddApi(generics.ListCreateAPIView):
     queryset = User.objects.all()
     serializer_class = UserSerializer
@@ -23,7 +28,7 @@ class UserDetailDeleteUpdateApi(generics.RetrieveUpdateDestroyAPIView):
     serializer_class = UserSerializer
 
     def put(self, request, *args, **kwargs):
-        print(request.META)
+        logger.debug(request.META)
         return super(UserDetailDeleteUpdateApi, self).put(request, *args, **kwargs)
 
     # def get(self, request, *args, **kwargs):
diff --git a/apps/users/views.py b/apps/users/views.py
index ee781c068..6989dc374 100644
--- a/apps/users/views.py
+++ b/apps/users/views.py
@@ -2,6 +2,8 @@
 
 from __future__ import unicode_literals
 
+import logging
+
 from django.shortcuts import get_object_or_404, reverse, render
 from django.http import HttpResponseRedirect
 from django.urls import reverse_lazy
@@ -18,6 +20,9 @@ from .models import User, UserGroup
 from .forms import UserAddForm, UserUpdateForm, UserGroupForm, UserLoginForm
 
 
+logger = logging.getLogger('jumpserver.users.views')
+
+
 class UserLoginView(FormView):
     template_name = 'users/login.html'
     form_class = UserLoginForm
@@ -28,12 +33,6 @@ class UserLoginView(FormView):
             return HttpResponseRedirect(reverse('users:user-list'))
         return super(UserLoginView, self).get(request, *args, **kwargs)
 
-    def post(self, request, *args, **kwargs):
-        print(self.request.user)
-        print(request.POST)
-        print(request.session.session_key)
-        return HttpResponseRedirect('/')
-
     def form_valid(self, form):
         username = form.cleaned_data.get('username', '')
         password = form.cleaned_data.get('password', '')
@@ -43,10 +42,11 @@ class UserLoginView(FormView):
             login(self.request, user)
             return HttpResponseRedirect(self.success_url)
 
+        logger.warning('Login user [%(username)s] password error' % {'username': username})
         return render(self.request, self.template_name, context={'form': form, 'error': '密码错误'})
 
     def form_invalid(self, form):
-        print(form.errors)
+        logger.warning('Login form commit invalid.')
         return super(UserLoginView, self).form_invalid(form)