Re: Allow gorouter to log random headers.


David Laing
 

Shannon, Simon,

As the lead of the logsearch.io (ELK) project; I'm also interested in having
GoRouter log additional headers. Specifically Trace-Id and Span-Id
generated by the spring-cloud-sleuth project
(https://github.com/spring-cloud-incubator/spring-cloud-sleuth ).

If GoRouter logged whatever headers were included in the request, wouldn't
this satisfy your requirements?
This would certainly satisfy my requirements, and I think Simon's too.

However, not having a whitelist of headers to log opens a possible DDOS
attack vector on the GoRouter, so I think having a operator configureable
whitelist (with some sensible defaults like Trace-Id and Span-Id) is the
right approach.

Doesn't GoRouter do this already?
I don't think so.

Specifically, sending the following curl to an app hosted on PWS:

curl --header "Trace-Id: 1c884728-466c-4ba3-8caa-a02a780c6d56"
http://www.birdsangola.org/

Gives the following [RTR] log from loggregator:

Fri Jul 24 2015 13:10:52 GMT+0100 (BST) [RTR] OUT www.birdsangola.org -
[24/07/2015:12:10:52 +0000] "GET / HTTP/1.1" 200 0 7772 "-" "curl/7.30.0"
10.10.2.185:46765 x_forwarded_for:"92.40.249.226"
vcap_request_id:3a33d5f6-dc11-42c4-61c7-32a1a2557200
response_time:0.001380276 app_id:0c34cc9f-45a8-440e-b876-b0cde564fbe3

It doesn't look like the extra Trace-Id header has been passed through to
the loggregator [RTR] log.

I'd be happy to work with Simon to contribute to a PR that implements the
"above whitelist of headers to log" feature.

Thoughts?

:D



--
View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-Allow-gorouter-to-log-random-headers-tp800p877.html
Sent from the CF Dev mailing list archive at Nabble.com.

Join {cf-dev@lists.cloudfoundry.org to automatically receive all group messages.