Re: Proposal about new default SSL log format

2021-07-08 Thread William Lallemand
On Thu, Jul 08, 2021 at 02:48:32PM +0200, Willy Tarreau wrote: > On Thu, Jul 08, 2021 at 02:18:32PM +0200, William Lallemand wrote: > > I saw that you hesitated between "conn_status" and "conn_err_code", the > > "conn_" prefix could be confusing at some point once you try to have > > errors on the

Re: Proposal about new default SSL log format

2021-07-08 Thread Willy Tarreau
On Thu, Jul 08, 2021 at 02:18:32PM +0200, William Lallemand wrote: > I saw that you hesitated between "conn_status" and "conn_err_code", the > "conn_" prefix could be confusing at some point once you try to have > errors on the frontend and the backend side in the same log-format, I > think

Re: Proposal about new default SSL log format

2021-07-08 Thread William Lallemand
Hello, On Wed, Jul 07, 2021 at 04:43:53PM +0200, Remi Tricot-Le Breton wrote: > I was indeed more focused on logging SSL related information only, with > the idea that an SSL log line could be displayed after a completed > handshake, hence the lack of upper layer information in the log line. >

Re: Proposal about new default SSL log format

2021-07-07 Thread Tim Düsterhus
Remi, On 7/7/21 4:43 PM, Remi Tricot-Le Breton wrote: A quick recap of the topics raised by the multiple conversations had in this thread : - we won't used tabs as separators in order to remain consistent with the existing log format (especially since this new format will only be an extension

Re: Proposal about new default SSL log format

2021-07-07 Thread Remi Tricot-Le Breton
Hello, On 06/07/2021 14:55, Willy Tarreau wrote: On Tue, Jul 06, 2021 at 12:19:56PM +0200, Tim Düsterhus wrote: Willy, On 7/6/21 12:12 PM, Willy Tarreau wrote: A few points first, that are needed to address various concerns. The goal here is to defined an HTTPS log format because that's what

Re: Proposal about new default SSL log format

2021-07-06 Thread Willy Tarreau
On Tue, Jul 06, 2021 at 12:19:56PM +0200, Tim Düsterhus wrote: > Willy, > > On 7/6/21 12:12 PM, Willy Tarreau wrote: > > A few points first, that are needed to address various concerns. The > > goal here is to defined an HTTPS log format because that's what the > > vast majority of users are

Re: Proposal about new default SSL log format

2021-07-06 Thread Tim Düsterhus
Willy, On 7/6/21 12:12 PM, Willy Tarreau wrote: A few points first, that are needed to address various concerns. The goal here is to defined an HTTPS log format because that's what the vast majority of users are dealing with day-to-day. For specific usages, everyone already redefines log

Re: Proposal about new default SSL log format

2021-07-06 Thread Willy Tarreau
Hi Rémi, [ I warned you that this was going to open a pandora box :-) ] On Fri, Jul 02, 2021 at 04:26:48PM +0200, Remi Tricot-Le Breton wrote: > Some work in ongoing to ease connection error and SSL handshake error > logging. > This will rely on some new sample fetches that could be added to a

Re: Proposal about new default SSL log format

2021-07-06 Thread Remi Tricot-Le Breton
Hello Aleksandar, On 03/07/2021 13:19, Aleksandar Lazic wrote: Hi Remi. How about to combine ssl_version/ssl_ciphers in one line. Yes why not. It would be helpful to see also the backend status. Maybe add a 14th and 15th line with following fields *backend_name '/' conn_status '/' SSL

Re: Proposal about new default SSL log format

2021-07-05 Thread Tim Düsterhus
Remi, On 7/5/21 5:15 PM, Remi Tricot-Le Breton wrote: 1) tab separated is better for any log import tool (mixing spaces and "/" is terrible for import) I don't have any problems with that apart from inconsistency with the other default formats. If switching to tabs for this format only does

Re: Proposal about new default SSL log format

2021-07-05 Thread Remi Tricot-Le Breton
Hello, On 02/07/2021 16:52, Илья Шипицин wrote: I worked with log formats a lot, couple of thoughts 1) tab separated is better for any log import tool (mixing spaces and "/" is terrible for import) I don't have any problems with that apart from inconsistency with the other default formats.

Re: Proposal about new default SSL log format

2021-07-05 Thread Remi Tricot-Le Breton
Hello, On 02/07/2021 16:56, Илья Шипицин wrote: also, "process name" is something that is prior knowledge. no need to log it every time (for millions of requests) This process name part does not seem to come from the log format line, it is never mentioned in the HTTP log-format string. If it

Re: Proposal about new default SSL log format

2021-07-05 Thread Remi Tricot-Le Breton
Hello Tim, On 02/07/2021 16:34, Tim Düsterhus wrote: Remi, On 7/2/21 4:26 PM, Remi Tricot-Le Breton wrote: But if anybody sees a missing information that could be beneficial for everybody, feel free to tell it, nothing is set in stone yet. […] Feel free to suggest any missing data, which

Re: Proposal about new default SSL log format

2021-07-03 Thread Aleksandar Lazic
On 03.07.21 13:27, Илья Шипицин wrote: сб, 3 июл. 2021 г. в 16:22, Aleksandar Lazic mailto:al-hapr...@none.at>>: Hi Remi. On 02.07.21 16:26, Remi Tricot-Le Breton wrote: > Hello list, > > Some work in ongoing to ease connection error and SSL handshake error logging.

Re: Proposal about new default SSL log format

2021-07-03 Thread Илья Шипицин
сб, 3 июл. 2021 г. в 16:22, Aleksandar Lazic : > Hi Remi. > > On 02.07.21 16:26, Remi Tricot-Le Breton wrote: > > Hello list, > > > > Some work in ongoing to ease connection error and SSL handshake error > logging. > > This will rely on some new sample fetches that could be added to a custom > >

Re: Proposal about new default SSL log format

2021-07-03 Thread Aleksandar Lazic
Hi Remi. On 02.07.21 16:26, Remi Tricot-Le Breton wrote: Hello list, Some work in ongoing to ease connection error and SSL handshake error logging. This will rely on some new sample fetches that could be added to a custom log-format string. In order to ease SSL logging and debugging, we will

Re: Proposal about new default SSL log format

2021-07-02 Thread Илья Шипицин
also, "process name" is something that is prior knowledge. no need to log it every time (for millions of requests) пт, 2 июл. 2021 г. в 19:52, Илья Шипицин : > I worked with log formats a lot, couple of thoughts > > 1) tab separated is better for any log import tool (mixing spaces and "/" > is

Re: Proposal about new default SSL log format

2021-07-02 Thread Илья Шипицин
I understand that everybody can redefine its own format. but I saw several times that default (not very comfortable) format was later adopted as industry wide. пт, 2 июл. 2021 г. в 19:52, Илья Шипицин : > I worked with log formats a lot, couple of thoughts > > 1) tab separated is better for any

Re: Proposal about new default SSL log format

2021-07-02 Thread Илья Шипицин
I worked with log formats a lot, couple of thoughts 1) tab separated is better for any log import tool (mixing spaces and "/" is terrible for import) 2) time should be iso8601 пт, 2 июл. 2021 г. в 19:29, Remi Tricot-Le Breton : > Hello list, > > Some work in ongoing to ease connection error and

Re: Proposal about new default SSL log format

2021-07-02 Thread Tim Düsterhus
Remi, On 7/2/21 4:26 PM, Remi Tricot-Le Breton wrote: But if anybody sees a missing information that could be beneficial for everybody, feel free to tell it, nothing is set in stone yet. […] Feel free to suggest any missing data, which could come from log-format specific fields or already

Proposal about new default SSL log format

2021-07-02 Thread Remi Tricot-Le Breton
Hello list, Some work in ongoing to ease connection error and SSL handshake error logging. This will rely on some new sample fetches that could be added to a custom log-format string. In order to ease SSL logging and debugging, we will also add a new default log format for SSL connections.