Applies standard logging configuration to Conjur appliance (Docker container) services.
In the container, the following design applies to service logging:
- The phusion/baseimage Docker image runs
syslog-ng
, a syslog daemon which also forwards all messages todocker logs
. - All Conjur services use a
runit
log/run
script which redirects all service log output from stdout to syslog. - All Conjur services log to stdout.
- Service logging should not be verbose, to avoid emitting sensitive information into the log. The primary source of
service logging is the
nginx
web server log, which also goes to syslog. - All Conjur services should honor the
LOG_LEVEL
environment variable and set logging verbosity based on it. - Exception stack traces which occur in services should be emitted to syslog.
Design elements (1) and (2) are implemented by the container itself. Elements (3) through (6) are the responsibility of the services themselves. The purpose of this Ruby gem is to implement the necessary configuration in a uniform way.
Sinatra and Rails are the frameworks supported directly by this gem.
In a Rails application, require "conjur-appliance-logging"
triggers a Railtie which does the following, only if Rails.env is "appliance":
- Sets
log_level
based onENV['LOG_LEVEL']
- For Rails version before 4, sets the application logger to
Logger.new(STDOUT)
- For Rails versions 4 and above, sets the application logger to
ActiveSupport::Logger.new(STDOUT)
In a Sinatra application, first require "conjur-appliance-logging"
and then extend Conjur::Appliance::Logging::Sinatra in your app.
The extended module does the following:
- Enables
logging
for all environments - Enables
dump_errors
for all environments - For "appliance" environment, sets application logger to
Logger.new(STDOUT)
- Sets
log_level
based onENV['LOG_LEVEL']
Add this line to your application's Gemfile:
gem 'conjur-appliance-logging'
And then execute:
$ bundle
Or install it yourself as:
$ gem install conjur-appliance-logging
Requiring the gem is all you need to do for Rails applications.
For Sinatra, extend
the module Conjur::Appliance::Logging::Sinatra
.
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/conjurinc/appliance-logging.
The gem is available as open source under the terms of the MIT License.