Include truncated http_authorization in nginx log messages

cesium-ml / baselayer

Fully customizable (scientific, compute-intensive) web application template

http://cesium-ml.org/baselayer/

30 stars 18 forks source link

Include truncated http_authorization in nginx log messages #239

Closed acrellin closed 2 years ago

acrellin commented 2 years ago

Log messages will now be of the form 127.0.0.1 - - [token e7a82026] [20/Jul/2021:14:59:50 -0700] "GET /api/sysin HTTP/1.1" 400 110 "-" "python-requests/2.25.1"

stefanv commented 2 years ago

@acrellin What do the log entries look like now? I presume they contain Authorization: token foo.

Can we do a regex replacement to get something similar to token=foo in the log instead?

Here's an example: https://serverfault.com/a/1006190

acrellin commented 2 years ago

@stefanv the format is now 127.0.0.1 - - token e7a82026-1446-49ee-8bb7-44f2bd94b8e3 [20/Jul/2021:13:02:49 -0700] "GET /api/sysin HTTP/1.1" 400 110 "-" "python-requests/2.25.1" which I quite like. I propose we leave it as is.

stefanv commented 2 years ago

OK, just place it in square brackets (or quotes) and I'll merge.