Advanced Request Logging and Monitoring for Private Locations¶

The CLI can't see the HTTPS/mTLS traffic, That's why we need to use a proxy to intercept the traffic. Below is an example using mitmproxy

Example: Using `mitmproxy` to extract the `X-Escape-Request-Id` header¶

Warning

You must set the ESCAPE_ENABLE_LOGS_ENDPOINT environment variable to true to allow the mitm proxy logs to be forwarded to the Escape platform.

You can provide a custom python script to catch the request ID and forward it to the Escape platform. Create a file called ./mitmproxy/extract_escape_request_id.py with the following content:

import requests
import os


class Addon:
    def __init__(self):
        port = os.getenv("HEALTH_CHECK_PORT", "8080")
        self.log_url = f"http://127.0.0.1:{port}/log"

    def request(self, flow):
        request_id = flow.request.headers.get("X-Escape-Request-Id", "")
        if request_id:
            requests.post(self.log_url, data=f'Forwarding X-Escape-Request-Id: {request_id}')

addons = [Addon()]

Note

See the mitmproxy addons documentation for more information.

Then to configure a Private Location to use this addon, you can use the following docker-compose file:

services:
  private-location:
    image: escapetech/cli:latest
    restart: always
    command: locations start -v location-name
    environment:
      - ESCAPE_API_KEY=<ESCAPE_API_KEY>
      - ESCAPE_BACKEND_PROXY_URL=mitm-proxy:8080
      - ESCAPE_ENABLE_LOGS_ENDPOINT=true
  mitm-proxy:
    image: mitmproxy/mitmproxy:latest
    restart: always
    ports:
      - "8080:8080"
    command: "mitmdump -s /mitmproxy/extract_escape_request_id.py"
    volumes:
      - ./mitmproxy:/mitmproxy

Advanced Request Logging and Monitoring for Private Locations¶

Example: Using mitmproxy to extract the X-Escape-Request-Id header¶

Example: Using `mitmproxy` to extract the `X-Escape-Request-Id` header¶