Nitro Enclave Logger

A simple and efficient logging server designed to run on the host machine and stream logs from the AWS Nitro Enclave.

  1. GET /logs/stream -- Creates an SSE connection that the client can listen on to receive logs in real time
  2. GET /logs/history?log_id=50&offset=10 -- Responds with offset number of logs, starting from log id = log_id-1
  3. GET /logs -- Serves an HTML page that can both stream logs and view log history out of the box

Building the Server

  1. Clone the repository:

    git clone https://github.com/your-repo/nitro-enclave-logger.git
  2. Navigate to the project directory:

    cd nitro-enclave-logger
  3. Build the project in release mode:

    cargo build --release

Running the Server

Before running the server, you need to grant it permission to bind to the server port (default = 516). This is required because ports below 1024 are privileged, and binding to them normally requires root access.

Notes:

  1. Since the program by default uses port 516, run the command below to allow the program to bind to this privileged port:

    sudo setcap 'cap_net_bind_service=+ep' ./target/release/logger
  2. After setting the capabilities, you can run the server:

    ./target/release/logger
  3. The server will start and listen for HTTP requests on port 516.

Additional Information

  • Ensure your firewall and security groups allow traffic on port 516 if you intend to access the server from outside the host machine.
  • The capability does not carry over to a rebuilt binary, so run the setcap command again after each rebuild.
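
A check for the point above about reapplying setcap after a rebuild, as an added example that is not part of the project: it reads `getcap` output for the binary and accepts it only if the capability set is exactly `cap_net_bind_service` with the effective and permitted flags. The function names are hypothetical, and the two output layouts handled are those printed by older and newer libcap releases.

```shell
#!/bin/sh
# Added example, not project code. Function names are hypothetical.

# caps_from_getcap LINE PATH
# Extract the capability string from one line of `getcap` output.
# Two layouts exist depending on the libcap version:
#   older: "<path> = cap_net_bind_service+ep"
#   newer: "<path> cap_net_bind_service=ep"
caps_from_getcap() {
    _rest=${1#"$2"}      # drop the leading path
    _rest=${_rest# }     # drop the separator space
    _rest=${_rest#= }    # drop the "= " used by older libcap
    printf '%s\n' "$_rest"
}

# has_only_bind_cap CAPS
# Succeed only if CAPS is cap_net_bind_service with flags "ep" and nothing else.
# Extra capabilities or extra flags are rejected rather than tolerated.
has_only_bind_cap() {
    case $1 in
        cap_net_bind_service+ep|cap_net_bind_service=ep) return 0 ;;
        *) return 1 ;;
    esac
}

# check_binary PATH
# Returns 0 if PATH carries exactly the expected capability,
# 1 if the capability is missing or unexpected, 2 if getcap could not run.
check_binary() {
    _line=$(getcap "$1") || return 2
    if [ -z "$_line" ]; then
        echo "no file capabilities on $1 (rebuilt since setcap?)" >&2
        return 1
    fi
    if ! has_only_bind_cap "$(caps_from_getcap "$_line" "$1")"; then
        echo "unexpected capabilities: $_line" >&2
        return 1
    fi
    return 0
}

# Stand-alone use: ./check-caps.sh ./target/release/logger
[ $# -eq 0 ] || check_binary "$1"
```
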