search

18F / domain-scan

A lightweight pipeline, locally or in Lambda, for scanning things like HTTPS, third party service use, and web accessibility.
Other
369 stars 139 forks source link

Making it so that the logging level can be adjusted when running in Lambda #247

Closed jsf9k closed 6 years ago

jsf9k commented 6 years ago

In the case of AWS Lambda, the root logger is used BEFORE our Lambda handler runs, and this creates a default logging handler that goes to the console. Once logging has been configured, calling logging.basicConfig() has no effect. The only way to get around this is to manually remove any root handlers (if present) before calling logging.basicConfig(). This unconfigures logging and allows --debug to affect the logging level that appears in the CloudWatch logs.

See here and here for more details.

I verified that, using the code in this pull request, I get tons more output from CloudWatch when running scanners in Lambda. If the --debug flag is omitted then the output remains as it has been until now.

jsf9k commented 6 years ago

I noticed this because I'm trying to debug some handshake failures in sslyze.