By default Spring Cloud Sleuth log such info as: Application name, TraceId, SpanId, Export.
is there a way to configure the module to add in logs also the principal name?
I'm not sure if this has anything to do with Sleuth.
You can modify your log settings and add what you want. Sleuth modifies the level in the pattern (logging.pattern.level) and adds these details there.
You can check this answer to see how sleuth does this: https://stackoverflow.com/a/65851232/971735
Related
Since SpringBoot is opinionated, it connects to my Oracle DB using configuration that I didn't have to do. Now, I want to see these config values, how can I do that?
I tried the "env" and "info" actuator endpoints, but they didn't have any information on this
TIA
In your app if you already exposed all actuator endpoints or specific configprops endpoint, you can use "configprops".
<host>/actuator/configprops
Other than the jdbc connection url is there any configuration you specificly wanted to see? perhaps you can try to look at the logging information but it will show a lot more than just configuration values, but if you try to find list of configuration that Spring Boot set here is the reference link
In order to trace service invocation across microservices , we can use Zipkin.
From the below URLs ,we understand the time taken for calls across micro services can be captured in zipkin
https://tanzu.vmware.com/developer/guides/spring/spring-zipkin/
https://springhow.com/spring-boot-zipkin-distributed-tracing/
Do we still need to use spring sleuth along with zipkin ? Does the span id and trace id generated by Sletuh provide any additional information apart from what Zipkin can capture on its own ?
Since brave is a zipkin library I presume there is no need to have dependency on sleuth in order to trace service calls across microservices.
One probable benefit of Sleuth is that it adds the span id and trace id in the application logs ( using logback MDC concept ) . These logs can be pushed into elastic search using Logstash
If you want to use only Spring Cloud Sleuth without the Zipkin integration, add the spring-cloud-starter-sleuth module to your project
Check this for reference
So I enabled Spring Cloud Sleuth in my spring boot app and this happened:
2021-03-03 19:11:11.164 DEBUG [OAuth2 service,b1e3783b06d8cc61,b1e3783b06d8cc61] 5056 --- [nio-8080-exec-5] o.s.web.client.RestTemplate : Writing [{grant_type=[password], client_id=[myclientid], client_secret=[b0ea9376...], username=[rose], password=[mypassword]}] as "application/x-www-form-urlencoded"
As you can see at the end, the Sleuth logged the password=[mypassword] what is not good... Not good at all.
Is it possible to configure Sleuth to not log sensitive data?
As you can see towards the beginning, this was not logged by Sleuth but by RestTemplate, the logger is o.s.web.client.RestTemplate, it has nothing to do with Sleuth.
(Here is the line that does this).
What Sleuth has to do with this log event is this part: [OAuth2 service,b1e3783b06d8cc61,b1e3783b06d8cc61]; the name of your service, the traceID and the spanID, none of them should be considered as secrets.
If you don't want RestTemplate to log out these details, you can set it's log level to INFO, WARN or higher.
By adding Spring Cloud Sleuth as a dependency in my Spring Boot project the logging mask, like magic, changes.
The change that happens is the inclusion of the traceId, spanId and applicationName in the informations that are logged when I do log.info(...) and other logging commands.
How do Spring Cloud Sleuth does that? Is that a appender implementation? Do a programatically change happens in the log mask to be able to print it when Spring Boot auto-configuration is started?
How to configure Spring Boot Admin to log action. For example, I want Spring Boot Admin log action when someone change log level form INFO to DEBUG or when someone change configuration value in JMX tab and write wrong configure override the existing.
Do Spring Boot Admin has a feature to do that?
No it doesn't but you could write a zuul filter intercepting, analyzing the request to /api/applications/{id}/logfile and writing a log statement.
Spring Boot includes a number of additional features to help you
monitor and manage your application when it’s pushed to production.
You can choose to manage and monitor your application using HTTP
endpoints, with JMX or even by remote shell (SSH or Telnet). Auditing,
health and metrics gathering can be automatically applied to your
application.
Actuator HTTP endpoints are only available with a Spring MVC-based
application. In particular, it will not work with Jersey unless you
enable Spring MVC as well.
You can also activate a listener by invoking the SpringApplication.addListeners(…) method and passing the appropriate Writer object. This method also allows you to customize the file name and path via the Writer constructor.
Customize your requirement in Actuator
https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#production-ready
Maven :
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
<version>1.5.2.RELEASE</version>
</dependency>
http://www.baeldung.com/spring-boot-authentication-audit