当前位置: 动力学知识库 > 问答 > 编程问答 >

logging - How should I obtain haproxy's detailed http logs when using ssl?

问题描述:

I'm using HAProxy's option httplog logs extensively. We're about to move to ssl frontends though, which causes me to lose that info. Is there a recommended way to continue to get this logging detail?

It seems like I could either:

  • use stunnel in front of haproxy to decrypt the traffic
  • aggregate the logs from the tomcats instead

Is there a better or recommended way? I'm pretty new to this stuff.

网友答案:

Terminate SSL with nginx on port 443, and do a reverse proxy to haproxy on port 80.

All logs will then be available via option httplog.

网友答案:
frontend https-in
    bind *:443 ssl crt  /etc/ssl/private/xxx.com.pem
    reqadd X-Forwarded-Proto:\ https
    default_backend finance_koala_server_https
    option httplog 

key point config:

option httplog in https-in

see log:

Jan 14 12:48:57 localhost haproxy[39918]: 117.136.40.129:14853 [14/Jan/2015:12:48:57.127] https-in~ xx_server_https/xxx_node_8002 170/0/0/3/173 200 739 - - --NN 0/0/0/0/0 0/0 "GET /xxx/xxx HTTP/1.1"

分享给朋友:
您可能感兴趣的文章:
随机阅读: