Reputation: 203
Silencing cherrypy access log for a particular method/api/url
The problem is simple, we would like CherryPy to not log access log for a particular exposed method/API that gets called.
Basically when this API gets called, there are some parameters in the query string of the URL which are very sensitive and if leaked, would expose potential security. Naturally this is a /GET request and unfortunately it is the only way the parameters could be passed, since its a redirect(302) from an external service to this web server.
If it would not log the URL, that would serve the purpose as well.
So, is there a way that we can filter logging messages in access log by API's, URL's etc?
Thanks in advance for the help.
Upvotes: 4
Views: 516
Answers (1)
Reputation: 14961
cherrypy uses Python's standard logging module by default, so you can just add a custom filter. This example will ignore any GET request with /foo as the path prefix:
import logging
class IgnoreURLFilter(logging.Filter):
# simple example of log message filtering
def __init__(self, ignore):
self.ignore = 'GET /' + ignore
def filter(self, record):
return self.ignore not in record.getMessage()
app = cherrypy.tree.mount( YourApplication() )
app.log.access_log.addFilter( IgnoreURLFilter('foo') )
cherrypy.engine.start()
Upvotes: 7
Related Questions
- Flask block specific endpoints from logging
- CherryPy is not respecting desired logging format
- Disable logging in gunicorn for a specific request / URL / endpoint
- Prevent cherrypy from logging access
- CherryPy add contextual information to logging
- Logging separate from CherryPy logger
- Python Cherrypy: Disable logging of requests
- Silencing cherrypy
- selectively log requests using logging module
- CherryPy Logging: How do I configure and use the global and application level loggers?