Re: Civetweb log format

[Aaron Bassett <Aaron.Bassett@xxxxxxxxxxxxx>]

Quick update:

adding the following to your config:

rgw log http headers = "http_authorization"

rgw ops log socket path = /tmp/rgw

rgw enable ops log = true

rgw enable usage log = true

and you can now

 nc -U /tmp/rgw |./jq --stream 'fromstream(1|truncate_stream(inputs))'

{

  "time": "2018-03-12 21:42:19.479037Z",

  "time_local": "2018-03-12 21:42:19.479037",

  "remote_addr": "",

  "user": "test",

  "operation": "PUT",

  "uri": "/testbucket/",

  "http_status": "200",

  "error_code": "",

  "bytes_sent": 19,

  "bytes_received": 0,

  "object_size": 0,

  "total_time": 600967,

  "user_agent": "Boto/2.46.1 Python/2.7.12 Linux/4.4.0-42-generic",

  "referrer": "",

  "http_x_headers": [

    {

      "HTTP_AUTHORIZATION": "AWS <aws key id>: <signature>"

    }

  ]

}

pretty good start on getting an audit log going!

On Mar 9, 2018, at 10:52 PM, Konstantin Shalygin <k0ste@xxxxxxxx> wrote:

Unfortunately I can't quite figure out how to use it. I've got "rgw log http headers = "authorization" in my ceph.conf but I'm getting no love in the rgw log.

I think this shold have 'http_' prefix, like:

rgw log http headers = "http_host, http_x_forwarded_for"





k

CONFIDENTIALITY NOTICE
This e-mail message and any attachments are only for the use of the intended recipient and may contain information that is privileged, confidential or exempt from disclosure under applicable law. If you are not the intended recipient, any disclosure, distribution or other use of this e-mail message or attachments is prohibited. If you have received this e-mail message in error, please delete and notify the sender immediately. Thank you.

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com