one question/feature request, and one possible bug. first, the bug:
haproxy is logging to a local syslog process with ==== global log 127.0.0.1 local5 ==== and syslog listening with: ==== local5.* /var/log/haproxy ==== haproxy.cfg contains the following frontend definition: ==== frontend http_proxy bind *:80 mode http option forwardfor option http-server-close option http-pretend-keepalive option httplog default_backend apache_ui ==== if I add the following two directives to my frontend definition, I get no log output *at all* (although "haproxy -c" returns success): ==== capture request header X-Forwarded-For len 15 capture cookie openx3_access_token len 63 ==== however, if instead add the following two headers, I get both an X-Forwarded-For value and a cookie value (presumably the last cookie specified if there are multiple) in my log output (pipe-delimited inside braces), along with the rest of the typical output for "option httplog": ==== capture request header X-Forwarded-For len 15 capture request header Cookie len 63 ==== is this a bug? should haproxy fail to log any output using "capture request header" and "capture cookie" directives in the same frontend? it appears to be legal syntax. now the question: is there a method to log (as you can see I'm attempting above) multiple cookies in log output? what about arbitrary cookie names? (software devs have stated that they'd like all cookies sent by the client dumped, even if they're not ones we're expecting, which means I can't specify the cookie names ahead of time because I don't know what they might be). in a similar vein, is there a method to log the entirety of the X-Forwarded-For header as passed in the HTTP request, and not just the first instance of the last value? We frequently get X-Forwarded-For headers that have 3-4 comma-separated values, and cannot currently change the rest of the infrastructure to transparently pass HTTP requests (multiple L7 proxies involved; no way to avoid multiple values in X-Forwarded-For, and we'd like to log the entire chain for forensic purposes). thanks all! -- Scott Francis | darkuncle(at)darkuncle(dot)net | 0x5537F527 Less and less is done until non-action is achieved when nothing is done, nothing is left undone. -- the Tao of Sysadmin