-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/17/2015 11:32 AM, André Warnier wrote: > Just to make sure.. > > Milinda Perera wrote: >> Hi all, >> >> Thanks for suggestions, >> >> Actually I want to log all HTTP / HTTPS requests from client >> applications to my Tomcat server and the Response sent back to >> the client. And logging requests and payloads are not target >> specific application running in the Tomcal server, which means >> all the request to the Tomcat server and all the responses from >> the Tomcat server >> >> My requirement cannot be fulfilled with external tools like >> wireshark because: 1. unable to log HTTPS requests and responses >> 2. And I need to get logged requests and responses in server side >> log files without external tools. > > Are you aware of the volume of data that this could be ? and about > the performance impact ? and about the complexity of doing this in > any way that would be useful ? > > HTTP requests tend to be small : a request line like "GET > /mylogo.jpg HTTP/1.1", and a few text headers). But the response to > that request may be very large (a 120 KB jpeg file). Multiply by > the number of requests for your homepage etc. (and never mind if > you are returning large PDF documents sometimes...) > > And then, to log this jpeg logo file in any useful manner, you > would have to a) analyse the response, to see what is sent back b) > encode this in some way, to write it usefully to your logfile (you > do not want binary data there, I presume) > > These are probably some of the reasons why the standard logging > methods don't do that. > >> >> by changing *org.apache.coyote.level=FINE *in log properties >> logs HTTP requests to the server, but does not log response. >> >> Highly appreciate if you guys can share your thoughts to achieve >> this. >> > > Ask the NSA for some tips ? > >> Thanks, Milinda >> >> >> >> On Wed, Jun 17, 2015 at 5:56 PM, André Warnier <a...@ice-sa.com> >> wrote: >> >>> Frederik Nosi wrote: >>> >>>> It helps only with HTTP though, no HTTPS or at least not >>>> easily. >>>> >>>> While we are at this, are you trying to debug a SOAP / REST >>>> connection from your application running on Tomcat to another >>>> server or a connection coming from outside to your Tomcat? >>>> >>>> >>>> On 06/17/2015 11:16 AM, Mark Thomas wrote: >>>> >>>>> On 17/06/2015 10:10, Milinda Perera wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> I need to log HTTP payload content for debugging >>>>>> purposes. >>>>>> >>>>> Use Wireshark. That has the added benefit of not having any >>>>> unwanted side-effects on your application. >>>>> >>>>> Mark >>>>> >>>>> >>> If this is for one debugging session, you could also simply use >>> an add-on to a browser (such as Fiddler2 for IE), and record >>> the full exchanges there. It has the advantage that you see the >>> complete traffic in both directions (headers and content), and >>> that you can easily switch between different presentations of >>> the data, and save it to file if you need to. And depending on >>> what you are looking for, it may be a lot easier to handle than >>> Wireshark.
As others have pointed out, this will potentially generate a huge amount of information, most of it completely useless (logging your JPG logo over and over again?), and impact performance . . . That being said, I suppose one way to do this is to write a servlet filter, wrap the ServletResponse object, then do the logging in the filter. You could be careful in what you log (don't put the filter in front of images or pdf files, for example), and also have a servlet filter init parameter which could control the logging (or turn it off). Consider the volume of information you will generate. For example, I'm using the standard access logging that is configured with Tomcat 7.0.62. A web site gets about 250K requests per day, and I strip out a bunch of stuff using Perl. After all is said and done, a day's worth of logs is about 60 MB. Now, add response information and do the math. You'll find that it's not going to be a very pleasant. In order to handle that amount of data, you'll need to invest in streaming logging, a NoSQL database, and the infrastructure to support those tools. If that's what you wish to do, then great. Just be aware of what you're walking into. You might want to go back and actually determine the underlying business requirements before embarking on such a task. . . . just my two cents /mde/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVgcQ/AAoJEEFGbsYNeTwtAPkIAIDO334dMWLbejAVQ4us0jv7 a/cE69LwTpHJ7zxfGE4jbYsD3BvAJWQduBjuP83ePb37BiaYA9ImtJsXwkjfpPpk TTv3Xrse4gRXueR2x+cOQbx/1BMMmPyeUenBXwFoPA2V3xhAH0N5DUdyC9mb5Hju fk/2kquPHHuNNM3L9W3UE9BS7yhWed8wP93RG78oaopGm+anojwp6NQ2QZLxtdCc fSZ9QrFhuKfizvU2emyRznIdUx88fVnwvFt5wBzTlJf3EgRTGt1B2VGTUuVMPmTy SXJIzkZePAkGUswt35uh51n9IuKJXzPr5NEzNzAMMsbHVb828KbLY01YFiomGfU= =6WmU -----END PGP SIGNATURE----- --- This email is free from viruses and malware because avast! Antivirus protection is active. https://www.avast.com/antivirus --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
