Update logging format to be Splunk friendly

[ericfranz]

• http://dev.splunk.com/view/logging-with-splunk/SP-CAAADP5
• http://dev.splunk.com/view/logging-best-practices/SP-CAAADP6

Splunk likes the default logging format for lograge which are the key value pairs

For example, currently we have something like this

[2016-06-17 15:31:01 -0400 sys/dashboard]  INFO method=GET path=/ format=html controller=dashboard action=index status=200 duration=23.99 view=21.95

we might consider updating it to something like this:

2016-06-17T15:31:01-0400 app=sys/dashboard severity=INFO method=GET path=/ format=html controller=dashboard action=index status=200 duration=23.99 view=21.95

If optimizing for Splunk, we were right to get rid of newlines in the stacktraces, even though that makes it harder to read:

Keep multi-line events to a minimum

Multi-line events generate a lot of segments, which can affect indexing and search speed, as well as disk compression. Consider breaking multi-line events into separate events.

http://dev.splunk.com/view/logging-best-practices/SP-CAAADP6

┆Issue is synchronized with this Asana task by Unito

[ericfranz]

Actually if its just a speed thing, we wouldn't have too many of these "multi-line" events. So perhaps we would add newlines back to the stack traces. Do we really need to pull out the complete stack trace via a grep? All we need is the first line to be easily grep-able. Maybe this deserves its own issue discussion, but we might consider reverting 3951011