Score:0

Use Nginx for audit logs

mh flag

I have a sensitive webapp used only internally. I want to log all the actions of my users for 90 days.

To achieve that, I'm using a nginx reverse proxy that forwards all the requests to the webapp.

I have the following configuration

log_format postdata $request_body;

server {
       access_log  /var/log/nginx/access-post.log  postdata;

       location / {
          proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_pass https://sensitive-app/;
       }
}

But I'm only getting logs like this, without the JSON body of the requests

83.199.111.11 -  [23/Feb/2022:20:17:00 +0000] "POST /rts/?EIO=4&transport=polling HTTP/1.1" 200 189 "https://myapp.com/applications/61f/pages/61/edit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36" ""

What is the best way in 2022 to use Nginx for audit logging ? Is there any better tool to achieve that ?

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.