You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2020/08/10 16:57:31 UTC
svn commit: r1064178 - in /websites/production/cxf/content:
cache/docs.pageCache docs/message-logging.html
Author: buildbot
Date: Mon Aug 10 16:57:31 2020
New Revision: 1064178
Log:
Production update by buildbot for cxf
Modified:
websites/production/cxf/content/cache/docs.pageCache
websites/production/cxf/content/docs/message-logging.html
Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.
Modified: websites/production/cxf/content/docs/message-logging.html
==============================================================================
--- websites/production/cxf/content/docs/message-logging.html (original)
+++ websites/production/cxf/content/docs/message-logging.html Mon Aug 10 16:57:31 2020
@@ -147,7 +147,7 @@ xmlns:ns3="http://person.jms2rest.camel.
</div></div><p>This does not look very informative. You only see that it is an incoming request (REQ_IN) and the SOAP message in the log message. The logging feature provides a lot more information though. To leverage these the pax logging config can be changed to show the relevant MDC values.</p><h2 id="MessageLogging-Karafdecantersupporttowriteintoelasticsearch">Karaf decanter support to write into elastic search</h2><p>Many people use elastic search for their logging. Fortunately you do not have to write a special LogSender for this purpose. The standard CXF logging feature will already work.</p><p>It works like this:</p><ul><li>CXF sends the messages as slf4j events which are processed by pax logging</li><li>Karaf Decanter LogCollector attaches to pax logging and sends all log events into the karaf message bus (EventAdmin topics)</li><li>Karaf Decanter ElasticSearchAppender sends the log events to a configurable elastic search instance</li></ul><p>As Decanter also provides featu
res for a local elastic search and kibana instance you are ready to go in just minutes.</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Installing Decanter for CXF Logging</b></div><div class="codeContent panelContent pdl">
<pre class="brush: bash; gutter: false; theme: Default">feature:repo-add mvn:org.apache.karaf.decanter/apache-karaf-decanter/3.0.0-SNAPSHOT/xml/features
feature:install decanter-collector-log decanter-appender-elasticsearch elasticsearch kibana</pre>
-</div></div><p><br clear="none">After that open a browser at <a shape="rect" class="external-link" href="http://localhost:8181/kibana" rel="nofollow">http://localhost:8181/kibana</a>. When decanter is released kibana will be fully set up. At the moment you have to add the logstash dashboard and change the index name to <strong>[karaf-]YYYY.MM.DD</strong>.</p><p>Then you should see your cxf messages like this:</p><p><span class="confluence-embedded-file-wrapper"><img class="confluence-embedded-image confluence-external-resource" src="http://www.liquid-reality.de/download/attachments/13860866/Screenshot%20from%202015-06-08%2017%3A21%3A20.png?version=1&modificationDate=1433777354000&api=v2" data-image-src="http://www.liquid-reality.de/download/attachments/13860866/Screenshot%20from%202015-06-08%2017%3A21%3A20.png?version=1&modificationDate=1433777354000&api=v2"></span></p><p>Kibana easily allows to filter for specific services and correlate requests and responses.</p><p
>This is just a preview of decanter. I will do a more detailed post when the first release is out.</p><p><br clear="none"></p></div><div class="container" title="Hint: double-click to select code"><h2 id="MessageLogging-Maskingsecuritysensitivedatainlogging">Masking security sensitive data in logging</h2><p>Version 3.4.0 provides an option to mask security relevant information in logging.</p><p>LoggingFeature has two new methods:</p><ul><li>addSensitiveElementNames(<span style="color: rgb(0,0,128);">final Set<String> sensitiveElements</span>); Configures names of sensitive XML and JSON elements, values to be masked.</li><li><pre>addSensitiveProtocolHeaderNames(<span style="color: rgb(0,0,128);">final Set<String> sensitiveProtocolHeaders</span>); <span>Configures </span>names of sensitive protocol headers, values to be masked.<br clear="none"><br clear="none"></pre></li></ul></div><p>After configuring these settings appropriate elements in XML and JSON and http
protocol headers will be masked on server and client sides:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader pdl" style="border-bottom-width: 1px;"><b>Configuration logging feature</b></div><div class="codeContent panelContent pdl">
+</div></div><p><br clear="none">After that open a browser at <a shape="rect" class="external-link" href="http://localhost:8181/kibana" rel="nofollow">http://localhost:8181/kibana</a>. When decanter is released kibana will be fully set up. At the moment you have to add the logstash dashboard and change the index name to <strong>[karaf-]YYYY.MM.DD</strong>.</p><p>Then you should see your cxf messages like this:</p><p><span class="confluence-embedded-file-wrapper"><img class="confluence-embedded-image confluence-external-resource" src="http://www.liquid-reality.de/download/attachments/13860866/Screenshot%20from%202015-06-08%2017%3A21%3A20.png?version=1&modificationDate=1433777354000&api=v2" data-image-src="http://www.liquid-reality.de/download/attachments/13860866/Screenshot%20from%202015-06-08%2017%3A21%3A20.png?version=1&modificationDate=1433777354000&api=v2"></span></p><p>Kibana easily allows to filter for specific services and correlate requests and responses.</p><p
>This is just a preview of decanter. I will do a more detailed post when the first release is out.</p><p><br clear="none"></p></div><div class="container" title="Hint: double-click to select code"><h2 id="MessageLogging-Maskingsecuritysensitivedatainlogging">Masking security sensitive data in logging</h2><p>Version 3.4.0 provides an option to mask security relevant information in logging.</p><p>LoggingFeature has two new methods:</p><ul><li>addSensitiveElementNames(final Set<String> sensitiveElements); Configures names of sensitive XML and JSON elements, values to be masked.</li><li>addSensitiveProtocolHeaderNames(final Set<String> sensitiveProtocolHeaders); Configures names of sensitive protocol headers, values to be masked.</li></ul></div><p>After configuring these settings appropriate elements in XML and JSON and http protocol headers will be masked on server and client sides:</p><div class="code panel pdl" style="border-width: 1px;"><div class="codeHeader panelHeader
pdl" style="border-bottom-width: 1px;"><b>Configuration logging feature</b></div><div class="codeContent panelContent pdl">
<pre class="brush: java; gutter: false; theme: Default">...
LoggingFeature loggingFeature = new LoggingFeature();
loggingFeature.addSensitiveElementNames(new HashSet<>(Arrays.asList("password")));