Re: Allow gorouter to log random headers.
David Laing
Shannon, Simon,
As the lead of the logsearch.io (ELK) project; I'm also interested in having
GoRouter log additional headers. Specifically Trace-Id and Span-Id
generated by the spring-cloud-sleuth project
(https://github.com/spring-cloud-incubator/spring-cloud-sleuth ).
However, not having a whitelist of headers to log opens a possible DDOS
attack vector on the GoRouter, so I think having a operator configureable
whitelist (with some sensible defaults like Trace-Id and Span-Id) is the
right approach.
Specifically, sending the following curl to an app hosted on PWS:
curl --header "Trace-Id: 1c884728-466c-4ba3-8caa-a02a780c6d56"
http://www.birdsangola.org/
Gives the following [RTR] log from loggregator:
Fri Jul 24 2015 13:10:52 GMT+0100 (BST) [RTR] OUT www.birdsangola.org -
[24/07/2015:12:10:52 +0000] "GET / HTTP/1.1" 200 0 7772 "-" "curl/7.30.0"
10.10.2.185:46765 x_forwarded_for:"92.40.249.226"
vcap_request_id:3a33d5f6-dc11-42c4-61c7-32a1a2557200
response_time:0.001380276 app_id:0c34cc9f-45a8-440e-b876-b0cde564fbe3
It doesn't look like the extra Trace-Id header has been passed through to
the loggregator [RTR] log.
I'd be happy to work with Simon to contribute to a PR that implements the
"above whitelist of headers to log" feature.
Thoughts?
:D
--
View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-Allow-gorouter-to-log-random-headers-tp800p877.html
Sent from the CF Dev mailing list archive at Nabble.com.
As the lead of the logsearch.io (ELK) project; I'm also interested in having
GoRouter log additional headers. Specifically Trace-Id and Span-Id
generated by the spring-cloud-sleuth project
(https://github.com/spring-cloud-incubator/spring-cloud-sleuth ).
If GoRouter logged whatever headers were included in the request, wouldn'tThis would certainly satisfy my requirements, and I think Simon's too.
this satisfy your requirements?
However, not having a whitelist of headers to log opens a possible DDOS
attack vector on the GoRouter, so I think having a operator configureable
whitelist (with some sensible defaults like Trace-Id and Span-Id) is the
right approach.
Doesn't GoRouter do this already?I don't think so.
Specifically, sending the following curl to an app hosted on PWS:
curl --header "Trace-Id: 1c884728-466c-4ba3-8caa-a02a780c6d56"
http://www.birdsangola.org/
Gives the following [RTR] log from loggregator:
Fri Jul 24 2015 13:10:52 GMT+0100 (BST) [RTR] OUT www.birdsangola.org -
[24/07/2015:12:10:52 +0000] "GET / HTTP/1.1" 200 0 7772 "-" "curl/7.30.0"
10.10.2.185:46765 x_forwarded_for:"92.40.249.226"
vcap_request_id:3a33d5f6-dc11-42c4-61c7-32a1a2557200
response_time:0.001380276 app_id:0c34cc9f-45a8-440e-b876-b0cde564fbe3
It doesn't look like the extra Trace-Id header has been passed through to
the loggregator [RTR] log.
I'd be happy to work with Simon to contribute to a PR that implements the
"above whitelist of headers to log" feature.
Thoughts?
:D
--
View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-Allow-gorouter-to-log-random-headers-tp800p877.html
Sent from the CF Dev mailing list archive at Nabble.com.