logger: add cipher suite

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino 2024-11-13 18:33:07 +01:00
parent 618723c457
commit 0f073a40fd
No known key found for this signature in database
GPG key ID: 935D2952DEC4EECF
2 changed files with 30 additions and 12 deletions

View file

@ -15,6 +15,7 @@
package logger
import (
"crypto/tls"
"fmt"
"net"
"net/http"
@ -50,17 +51,21 @@ func NewStructuredLogger(logger *zerolog.Logger) func(next http.Handler) http.Ha
// NewLogEntry creates a new log entry for an HTTP request
func (l *StructuredLogger) NewLogEntry(r *http.Request) middleware.LogEntry {
scheme := "http"
cipherSuite := ""
if r.TLS != nil {
scheme = "https"
cipherSuite = tls.CipherSuiteName(r.TLS.CipherSuite)
}
fields := map[string]any{
"local_addr": getLocalAddress(r),
"remote_addr": r.RemoteAddr,
"proto": r.Proto,
"method": r.Method,
"user_agent": r.UserAgent(),
"uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI)}
"local_addr": getLocalAddress(r),
"remote_addr": r.RemoteAddr,
"proto": r.Proto,
"method": r.Method,
"user_agent": r.UserAgent(),
"uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI),
"cipher_suite": cipherSuite,
}
reqID := middleware.GetReqID(r.Context())
if reqID != "" {

View file

@ -34,6 +34,7 @@ import (
"github.com/go-chi/chi/v5/middleware"
"github.com/rs/cors"
"github.com/rs/xid"
"github.com/rs/zerolog"
"github.com/sftpgo/sdk/plugin/notifier"
"github.com/drakkan/sftpgo/v2/internal/common"
@ -390,15 +391,19 @@ func (s *webDavServer) checkRemoteAddress(r *http.Request) string {
func writeLog(r *http.Request, status int, err error) {
scheme := "http"
cipherSuite := ""
if r.TLS != nil {
scheme = "https"
cipherSuite = tls.CipherSuiteName(r.TLS.CipherSuite)
}
fields := map[string]any{
"remote_addr": r.RemoteAddr,
"proto": r.Proto,
"method": r.Method,
"user_agent": r.UserAgent(),
"uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI)}
"remote_addr": r.RemoteAddr,
"proto": r.Proto,
"method": r.Method,
"user_agent": r.UserAgent(),
"uri": fmt.Sprintf("%s://%s%s", scheme, r.Host, r.RequestURI),
"cipher_suite": cipherSuite,
}
if reqID, ok := r.Context().Value(requestIDKey).(string); ok {
fields["request_id"] = reqID
}
@ -417,7 +422,15 @@ func writeLog(r *http.Request, status int, err error) {
if status != 0 {
fields["resp_status"] = status
}
logger.GetLogger().Info().
var ev *zerolog.Event
if status >= http.StatusInternalServerError {
ev = logger.GetLogger().Error()
} else if status >= http.StatusBadRequest {
ev = logger.GetLogger().Warn()
} else {
ev = logger.GetLogger().Debug()
}
ev.
Timestamp().
Str("sender", logSender).
Fields(fields).