Custom logging provider to modify output #40
Conversation
|
@ablizorukov I'm not sure if I'm moving in the right direction. Do you have experience implementing logging middleware/handler/provider? We need to modify the output before sending it to the receiver (console in the current case). |
| logging.ClearProviders(); | ||
| logging.AddProvider( | ||
| new FilteredConsoleLoggerProvider( | ||
| (category, level) => |
There was a problem hiding this comment.
This levels should not be hardcoded, it can be configured from the appsettings file
We can define default level as Warning and set other need logging as Information
https://learn.microsoft.com/en-us/aspnet/core/fundamentals/logging/?view=aspnetcore-7.0#configure-logging
There was a problem hiding this comment.
Yes-yes, it's generated code.
I'd like to avoid implementing level filtering logic at all. It is already implemented in the built-in logger, we just need to hijack formatting somehow.
There was a problem hiding this comment.
Okay, I see the problem maybe RedactLoggedHeaders method for TelegramBotClient can help here, but will need to check
https://learn.microsoft.com/en-us/dotnet/api/microsoft.extensions.dependencyinjection.httpclientbuilderextensions.redactloggedheaders?view=dotnet-plat-ext-7.0&viewFallbackFrom=net-7.0
There was a problem hiding this comment.
I think it won't help. In our case the URL gets logged.
There was a problem hiding this comment.
This should do: Create new Custom ConsoleLogFormatter
But this will affect all console output and change the appearens, in our case I would just change the logging level by default to something like:
// appsettings.bot.json
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.Hosting.Lifetime": "Information",
"System.Net.Http.HttpClient.TelegramBotClient": "Warning"
}
}Also possible to check out third-party libraries like log4net, serilog and etc, it might be easier to implement replace sensitive log messages
There was a problem hiding this comment.
this will affect all console output and change the appearens
That might be not a bad thing. This way we'll make sure that the token won't appear in any logs.
just change the logging level
I'm inclined to do that now as a quick mitigation, but this won't fix the root cause.
It is quite surprising that no straightforward ways to mutate log output can be googled. In my experience, it is required not often but from time to time.
check out third-party libraries
That'd be fine for me if you pick something. I have little experience in C# and limited knowledge of the ecosystem.
There was a problem hiding this comment.
Sure, I'll take a look at 3rd party libs
|
|
Kudos, SonarCloud Quality Gate passed!
|
No description provided.