Use Nginx for audit logs

maxime

6/23/23, 9:30 PM

I have a sensitive webapp used only internally. I want to log all the actions of my users for 90 days.

To achieve that, I'm using a nginx reverse proxy that forwards all the requests to the webapp.

I have the following configuration

log_format postdata $request_body;

server {
       access_log  /var/log/nginx/access-post.log  postdata;

       location / {
          proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_pass https://sensitive-app/;
       }
}

But I'm only getting logs like this, without the JSON body of the requests

83.199.111.11 -  [23/Feb/2022:20:17:00 +0000] "POST /rts/?EIO=4&transport=polling HTTP/1.1" 200 189 "https://myapp.com/applications/61f/pages/61/edit" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36" ""

What is the best way in 2022 to use Nginx for audit logging ? Is there any better tool to achieve that ?

0 + 0

nginx

logging

bastion

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Use Nginx for audit logs

TH: ใช้ Nginx สำหรับบันทึกการตรวจสอบ

RO: Utilizați Nginx pentru jurnalele de audit

RU: Используйте Nginx для журналов аудита

VI: Sử dụng Nginx cho nhật ký kiểm toán

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.