From f1af827162cebfd1d2ebd78158c144d18ed5e769 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Fri, 6 Dec 2024 12:53:52 -0400 Subject: [PATCH 1/2] feat: log ip_src_asnum in nginx --- k8s/nginx-logging.conf | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/k8s/nginx-logging.conf b/k8s/nginx-logging.conf index 3c4ade4614..0bc7deca81 100644 --- a/k8s/nginx-logging.conf +++ b/k8s/nginx-logging.conf @@ -1,4 +1,6 @@ -# Define JSON log format - must be loaded before config that references it +# Define JSON log format - must be loaded before config that references it. +# Note that each line is fully enclosed in single quotes. Commas in arrays are +# intentionally inside the single quotes. log_format ietfjson escape=json '{' '"time":"$${keepempty}time_iso8601",' @@ -16,5 +18,6 @@ log_format ietfjson escape=json '"x_forwarded_proto":"$${keepempty}http_x_forwarded_proto",' '"cf_connecting_ip":"$${keepempty}http_cf_connecting_ip",' '"cf_connecting_ipv6":"$${keepempty}http_cf_connecting_ipv6",' - '"cf_ray":"$${keepempty}http_cf_ray"' + '"cf_ray":"$${keepempty}http_cf_ray",' + '"asn":"$${keepempty}http_x_ip_src_asnum"' '}'; From 252a7f8e70c1a9264694b82d5c0d09eb09f51db8 Mon Sep 17 00:00:00 2001 From: Jennifer Richards Date: Fri, 6 Dec 2024 13:04:51 -0400 Subject: [PATCH 2/2] feat: log asn from gunicorn --- dev/build/gunicorn.conf.py | 5 ++++- ietf/utils/jsonlogger.py | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/dev/build/gunicorn.conf.py b/dev/build/gunicorn.conf.py index cabbee0b1e..6666a0d37d 100644 --- a/dev/build/gunicorn.conf.py +++ b/dev/build/gunicorn.conf.py @@ -64,18 +64,21 @@ def _describe_request(req): start and end of handling a request. E.g., do not include a timestamp. """ client_ip = "-" + asn = "-" cf_ray = "-" for header, value in req.headers: header = header.lower() if header == "cf-connecting-ip": client_ip = value + elif header == "x-ip-src-asnum": + asn = value elif header == "cf-ray": cf_ray = value if req.query: path = f"{req.path}?{req.query}" else: path = req.path - return f"{req.method} {path} (client_ip={client_ip}, cf_ray={cf_ray})" + return f"{req.method} {path} (client_ip={client_ip}, asn={asn}, cf_ray={cf_ray})" def pre_request(worker, req): diff --git a/ietf/utils/jsonlogger.py b/ietf/utils/jsonlogger.py index b02cd7af2b..6502cab0cb 100644 --- a/ietf/utils/jsonlogger.py +++ b/ietf/utils/jsonlogger.py @@ -31,4 +31,5 @@ def add_fields(self, log_record, record, message_dict): log_record.setdefault("cf_connecting_ip", record.args["{cf-connecting-ip}i"]) log_record.setdefault("cf_connecting_ipv6", record.args["{cf-connecting-ipv6}i"]) log_record.setdefault("cf_ray", record.args["{cf-ray}i"]) + log_record.setdefault("asn", record.args["{x-ip-src-asnum}i"]) log_record.setdefault("is_authenticated", record.args["{x-datatracker-is-authenticated}o"])