-
Notifications
You must be signed in to change notification settings - Fork 0
/
policy.xml
76 lines (65 loc) · 3.98 KB
/
policy.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<!--
© 2016-2024 Graylog, Inc.
This policy definition must be added to your Azure APIM instance, as indicated here: https://docs.microsoft.com/en-us/azure/api-management/set-edit-policies
For a complete guide on how to log events to Azure Event Hubs using API Management, see here: https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-log-event-hubs
The two attributes of the <log-to-eventhub> tag on line 48, inside the <outbound> element down below must be modified to fit your Azure setup:
1. For the logger-id attribute, the "ResurfaceLogger" string is a default value that must be replaced for the identifier of your API Management Logger.
See here for how to create an API Management Logger: https://docs.microsoft.com/en-us/rest/api/apimanagement/current-ga/logger/create-or-update
2. (Deprecated. Only for use with EventConsumerClient) For the partition-id attribute, the "0" string must be replaced for the identifier of your Event Hub
Partition that will receive the events returned from this policy. The default for this attribute is "0".
The value attribute of the <set-variable name="body-size-limit"> tag on line 18, inside the inbound element down below contains the maximum number of characters
to be logged for a given set of request and response bodies. It can be modified to log larger body sizes. The default for this attribute is 524288 (roughly, 1MB given 2 bytes/char).
-->
<policies>
<inbound>
<set-variable name="body-size-limit" value="@(1024 * 1024 / 2)" />
<set-variable name="request-string" value="@{
var bodySizeLimit = (int) context.Variables["body-size-limit"];
var body = context.Request.Body?.As<string>(true);
if (body != null && body.Length > bodySizeLimit)
{
body = $"{{\"overflowed\": \"{body.Length}\"}}";
}
var headers = context.Request.Headers
.Where(h => h.Key != "Authorization" && h.Key != "Ocp-Apim-Subscription-Key")
.Select(h => string.Format("{0}: {1}", h.Key, String.Join(",", h.Value)))
.ToList<string>();
if (!context.Request.Headers.ContainsKey("X-FORWARDED-FOR"))
{
headers.Add(string.Format("X-FORWARDED-FOR: {0}", context.Request.IpAddress));
}
return new JObject(
new JProperty("method", context.Request.Method),
new JProperty("url", context.Request.Url.ToString()),
new JProperty("body", body is null ? string.Empty : body),
new JProperty("headers", headers)).ToString();
}" />
</inbound>
<backend>
<forward-request follow-redirects="true" />
</backend>
<outbound>
<log-to-eventhub logger-id="ResurfaceLogger">@{
var bodySizeLimit = (int) context.Variables["body-size-limit"];
var body = context.Response.Body?.As<string>(true);
if (body != null && body.Length > bodySizeLimit)
{
body = $"{{\"overflowed\": \"{body.Length}\"}}";
}
var headers = context.Response.Headers
.Select(h => string.Format("{0}: {1}", h.Key, String.Join(",", h.Value)))
.ToArray<string>();
var response = new JObject(
new JProperty("status", context.Response.StatusCode),
new JProperty("body", body),
new JProperty("headers", headers)
);
return new JObject(
new JProperty("request", context.Variables["request-string"]),
new JProperty("response", response.ToString()),
new JProperty("interval", context.Elapsed.TotalMilliseconds),
new JProperty("now", DateTimeOffset.UtcNow.ToUnixTimeMilliseconds())
).ToString();
}</log-to-eventhub>
</outbound>
</policies>