Re: Allow gorouter to log random headers.
David Laing
Shannon, Simon,
As the lead of the logsearch.io (ELK) project; I'm also interested in having GoRouter log additional headers. Specifically Trace-Id and Span-Id generated by the spring-cloud-sleuth project (https://github.com/spring-cloud-incubator/spring-cloud-sleuth ). If GoRouter logged whatever headers were included in the request, wouldn'tThis would certainly satisfy my requirements, and I think Simon's too. However, not having a whitelist of headers to log opens a possible DDOS attack vector on the GoRouter, so I think having a operator configureable whitelist (with some sensible defaults like Trace-Id and Span-Id) is the right approach. Doesn't GoRouter do this already?I don't think so. Specifically, sending the following curl to an app hosted on PWS: curl --header "Trace-Id: 1c884728-466c-4ba3-8caa-a02a780c6d56" http://www.birdsangola.org/ Gives the following [RTR] log from loggregator: Fri Jul 24 2015 13:10:52 GMT+0100 (BST) [RTR] OUT www.birdsangola.org - [24/07/2015:12:10:52 +0000] "GET / HTTP/1.1" 200 0 7772 "-" "curl/7.30.0" 10.10.2.185:46765 x_forwarded_for:"92.40.249.226" vcap_request_id:3a33d5f6-dc11-42c4-61c7-32a1a2557200 response_time:0.001380276 app_id:0c34cc9f-45a8-440e-b876-b0cde564fbe3 It doesn't look like the extra Trace-Id header has been passed through to the loggregator [RTR] log. I'd be happy to work with Simon to contribute to a PR that implements the "above whitelist of headers to log" feature. Thoughts? :D -- View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-Allow-gorouter-to-log-random-headers-tp800p877.html Sent from the CF Dev mailing list archive at Nabble.com.
|
|