Skip to content

Extended HTTP request & response body logging with Application Insights

License

Notifications You must be signed in to change notification settings

matthiasguentert/azure-appinsights-logger

Repository files navigation

Extended request logging with Application Insights

Introduction

This nuget package provides a custom middleware that allows to write the body of an HTTP request/response to a custom dimension.

Features

  • Log request & response body to Application Insights
  • Configure HTTP verbs that will trigger logging
  • Configure HTTP status code ranges that will trigger logging
  • Configure maximum body length to store
  • Provide optional cut off text
  • Configure name of custom dimension keys
  • Disable IP masking without the need to modify the App Insights resource as described here
  • Optionally log request body even in case a downstream middleware or handler throws
  • Allows redacting sensitive data like tokens, passwords, credit card numbers, etc.

A word of warning! Writing the content of an HTTP body to Application Insights might reveal sensitive user information that otherwise would be hidden and protected in transfer via TLS. So use this middleware with care - with great power comes great responsibility (I always wanted to say that...)!

Installation

Just pull in the nuget package like so:

dotnet add package Azureblue.ApplicationInsights.RequestLogging

Then you'll have to register the middleware in your Startup class with your container.

using Azureblue.ApplicationInsights.RequestLogging;

// ...

public void ConfigureServices(IServiceCollection services)
{
    // ...

    // Register App Insights
    services.AddApplicationInsightsTelemetry();

    // Register this middleware
    services.AddAppInsightsHttpBodyLogging();

    // ...
}

Finally configure the request pipeline. Make sure the call to UseAppInsightsHttpBodyLogging happens as early as possible as the order matters. Have a look at this issue. An example can be found in the ManualTests project.

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseAppInsightsHttpBodyLogging();
    }

    // ...
}

Configuration

You can overwrite the default settings as follows...

services.AddAppInsightsHttpBodyLogging(o => {
    o.HttpCodes.Add(StatusCodes.Status200OK);
    o.HttpVerbs.Add(HttpMethods.Get);
    o.MaxBytes = 10000;
    o.DisableIpMasking = true;
    o.EnableBodyLoggingOnExceptions = true;
});

...or stick with the defaults which are defined in BodyLoggerOptions.

Acknowledgement

This is an open source project, and I'd like to thank its contributors that added new features to the code! Thank you!🙏🏼

About

Extended HTTP request & response body logging with Application Insights

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages