1347631 – [RFE] adding logging to REST API calls

Bug 1347631 - [RFE] adding logging to REST API calls

Summary: [RFE] adding logging to REST API calls

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-engine
Classification:	oVirt
Component:	RestAPI
Sub Component:
Version:	4.0.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	ovirt-4.1.0-beta
Target Release:	4.1.0.2
Assignee:	Vinzenz Feenstra [evilissimo]
QA Contact:	Aleksei Slaikovskii
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1390192 1430942
TreeView+	depends on / blocked

Reported:	2016-06-17 09:50 UTC by Michal Skrivanek
Modified:	2017-03-09 23:23 UTC (History)
CC List:	14 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:	With this update, a log file located in /var/log/httpd/ovirt-requests-log now logs all requests made to the Red Hat Virtualization Manager via HTTPS, including how long each request took. There is a 'Correlation-Id' header included to allow for easier comparison of requests when compared with the engine.log. CorrelationIds are now generated for every request automatically and can be passed to the REST API per Correlation-Id header or per correlation_id query parameter.
Clone Of:
Environment:
Last Closed:	2017-02-01 14:53:11 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:
Flags:	mperina: ovirt-4.1? pstehlik: testing_plan_complete- rule-engine: planning_ack? mperina: devel_ack+ lsvaty: testing_ack+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	61986	0	'None'	MERGED	Extended Correlation ID capability and logging	2020-12-01 13:39:56 UTC
oVirt gerrit	67974	0	'None'	MERGED	Setup: Add ovirt-requests-log to ssl.conf	2020-12-01 13:39:56 UTC

Description Michal Skrivanek 2016-06-17 09:50:45 UTC

REST API calls are not being logged at all in default log level, the commands or basically anything the API call invokes is not being logged either except when it fails. This makes basic troubleshooting almost impossible

Given the increase in REST API use by other projects and users and the general slowness of REST API it is important to be able to identify what is going on with the engine

We need to log enough information to be able to identify what endpoints have been called, by whom, what commands did it trigger and how long it took

Comment 2 Juan Hernández 2016-06-20 13:20:08 UTC

The API calls, like any other HTTP request, are logged in the web server log: /var/log/http/ssl_access_log. That includes the request time stamp, the request URL, the matrix and query parameters, and the response code.

If additional parameters are required the can be added as a custom log. For example, to create a custom log that also displays the time that it takes to serve the request the %D format specified can be added to the log format:

  LogFormat \
    "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" \
     myformat
  CustomLog \
    logs/mylog \
     mylog

These lines need to be added to the /etc/httpd/conf.d/ssl.conf file, then the web server needs to be restarted:

  # systemctl restart httpd

The details about the executed commands are already included in the engine log, like any other command. If there is the need to link them together the "Correlation-Id" header is intended exactly for that, and it can be added to the web server log as well:

  LogFormat ... \"%{Correlation-Id}\" ...

I believe that with this configuration of the web server log all the required information can be obtained.

Comment 3 Michal Skrivanek 2016-06-21 17:14:08 UTC

(In reply to Juan Hernández from comment #2)

Sounds as a great improvement which should be done ASAP
Context within engine.log is important, and providing the suggested corellation id would be good enough

Comment 4 Red Hat Bugzilla Rules Engine 2016-09-01 07:04:37 UTC

This request has been proposed for two releases. This is invalid flag usage. The ovirt-future release flag has been cleared. If you wish to change the release flag, you must clear one release flag and then set the other release flag to ?.

Comment 5 Aleksei Slaikovskii 2017-01-30 09:07:38 UTC

Verified on ovirt-engine-4.1.1-0.0

Note You need to log in before you can comment on or make changes to this bug.