Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log the remote IP:port for query API users #3485

Closed
wants to merge 1 commit into from
Closed

Log the remote IP:port for query API users #3485

wants to merge 1 commit into from

Conversation

esnible
Copy link
Contributor

@esnible esnible commented Jan 19, 2022

Experimental code to log the remote IP address for the query API.

@codecov
Copy link

codecov bot commented Jan 19, 2022

Codecov Report

Merging #3485 (668399e) into main (cdcc272) will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #3485   +/-   ##
=======================================
  Coverage   96.49%   96.49%           
=======================================
  Files         262      262           
  Lines       15311    15323   +12     
=======================================
+ Hits        14774    14786   +12     
  Misses        454      454           
  Partials       83       83
Impacted Files Coverage Δ
cmd/query/app/server.go 95.83% <100.00%> (+1.71%) ⬆️
cmd/query/app/static_handler.go 95.80% <0.00%> (-1.80%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cdcc272...668399e. Read the comment docs.

yurishkuro
yurishkuro reviewed Jan 19, 2022
View reviewed changes
Copy link
Member

@yurishkuro yurishkuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in GDPR/ePD an IP address is considered sensitive user data and logging it should be avoided.

@esnible
Copy link
Contributor Author

esnible commented Jan 19, 2022

@yurishkuro I agree that logging this data is undesirable.

What I noticed is that after #2827 I see messages in the jaeger-query log that look like

{
  "level": "warn",
  "ts": 1642500323.338672,
  "caller": "channelz/logging.go:62",
  "msg": "[core]grpc: Server.Serve failed to create ServerTransport: connection error: desc = \"transport: http2Server.HandleStreams received bogus greeting from client: \\\"\\\\x16\\\\x03\\\\x01\\\\x02\\\\x00\\\\x01\\\\x00\\\\x01\\\\xfc\\\\x03\\\\x03;\\\\xcd\\\\xcc\\\\xe0K\\\\xdbt\\\\x8aO\\\\xd9C2\\\\xb4\\\"\"",
  "system": "grpc",
  "grpc_log": true
}

The truth is I really only want to get the remote IP in the case where I am about to generate a warning.

The two ways I can think of to determine the cause of the warning is to run wireshark on live data or to log the IPs. The error message itself comes from google.golang.org/grpc/server.go:890 and grpc/internal/transport/http2_server.go:302 and I couldn't figure out any other way to get a message out of those libraries.

@esnible esnible closed this Jan 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yurishkuro yurishkuro yurishkuro left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@esnible @yurishkuro