如何在 AWS ELB 日志中获取完整的 POST 正文?
[英]How to get full POST body in AWS ELB logs?
问题描述
Currently, AWS ELB, both classic and application, do not log the body of POST requests.
目前,AWS ELB,无论是经典的还是应用程序,都不记录 POST 请求的主体。 Neither does Cloudfront. Cloudfront 也没有。 Is it possible to get the full body of HTTP requests at this level above the instance?是否可以在实例之上的这一层获得HTTP请求的全文?
2 个解决方案
解决方案1
0 2019-11-15 03:09:44
You can inspect HTTP request contents via WAF, and block based on certain conditions.您可以通过WAF检查HTTP请求内容,并根据特定条件进行阻止。 This occurs before the request reaches the application.这发生在请求到达应用程序之前。 See https://aws.amazon.com/about-aws/whats-new/2016/01/aws-waf-now-inspects-http-request-body-and-adds-size-constraint-condition/请参阅https://aws.amazon.com/about-aws/whats-new/2016/01/aws-waf-now-inspects-http-request-body-and-adds-size-constraint-condition/
解决方案2
0 2023-01-31 09:42:33
You can't get access to full POST body in ELB logs, it's not really what the ELB logs are for.您无法访问 ELB 日志中的完整 POST 主体,这并不是 ELB 日志的真正用途。 They are more around request counts and timings etc. Also, the body of a POST could contain all sorts of sensitive information - email, password, date of birth, address etc.它们更多地围绕请求计数和时间等。此外,POST 的正文可能包含各种敏感信息 - email、密码、出生日期、地址等。
It's also fairly unusual that logs would contain this kind of information, it's generally captured by the request handling application.日志包含此类信息也很不寻常,它通常由请求处理应用程序捕获。
If recording the request in your application isn't an option you could look at Traffic Mirroring - one of the use cases is content inspection.如果在您的应用程序中记录请求不是一个选项,您可以查看流量镜像——其中一个用例是内容检查。 This will allow you to copy all traffic from the ELB ENI and send it to another application, eg a service running on an EC2 instance that writes the body to and S3 bucket.这将允许您从 ELB ENI 复制所有流量并将其发送到另一个应用程序,例如在将正文写入 S3 存储桶的 EC2 实例上运行的服务。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.