How to configure HTTP Log content for Linux Web App Diagnostic Monitoring

Matt P 20 Reputation points
2024-11-07T15:35:06.9533333+00:00

Hi, I am running a NodeJS application, hosted in a Linux Azure Web App. I have set up diagnostic logs for HTTP Logs to be forwarded to a Log Analytics Workspace and having looked at the logs I can see there's cookies included by default.

I would ideally like to control which cookies are included in the HTTP logs or prevent cookies being logged at all. I haven't found any documentation on configuring the HTTP logs, and the diagnostic setting is just on or off for that log category.

Is there anything I can do to control the HTTP log content? Thanks

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,366 questions
{count} votes

Accepted answer
  1. Ashok Gandhi Kotnana 1,185 Reputation points Microsoft Vendor
    2024-11-08T11:47:26.0666667+00:00

    Hi Matt,

    Welcome to Microsoft Q&A Forum, thank you for posting your query here!

    It sounds like you're looking to control the HTTP log content in your Azure Web App, particularly regarding the inclusion of cookies in the diagnostic logs forwarded to Log Analytics. Unfortunately, as you noted, Azure's diagnostic settings for HTTP logs are quite basic and there is no direct way to configure or filter specific data like cookies through the portal alone.

    However, you can handle this in a few ways:

    1.Please Disabled this option
    User's image

    Please refer this link for further details

    https://azure.github.io/AppService/2016/05/16/Disable-Session-affinity-cookie-(ARR-cookie)-for-Azure-web-apps.html

    2. Azure Application Insights

    Another option would be to use Azure Application Insights, which can be configured to log more granular details about HTTP requests, including filtering sensitive information. While you can't completely turn off cookie logging, you can use Telemetry Initializers in Application Insights to sanitize or filter out sensitive data (such as cookies) before the logs are sent to Log Analytics.

     

    Initialize Application Insights and Add a Telemetry Initializer:

    • Open your main application file (e.g., app.js or server.js).
    • Configure Application Insights with a Telemetry Initializer to remove or customize specific data.

    const appInsights = require('applicationinsights');

    appInsights.setup('<Your-Instrumentation-Key>').start();

    const client = appInsights.defaultClient;

    // Telemetry Initializer to remove cookies

    client.addTelemetryProcessor((envelope, context) => {

      if (envelope.data.baseType === "RequestData") {

        // Remove cookies from request headers

        if (envelope.data.baseData.headers && envelope.data.baseData.headers['cookie']) {

          delete envelope.data.baseData.headers['cookie'];

        }

      }

      return true; // Continue sending this telemetry item

    });

    This setup ensures that cookies and other sensitive information are removed before they reach Log Analytics via Application Insights.

    3. Custom Log Filtering via Log Analytics Workspace (Not Directly via Azure Logs)

    While Azure's diagnostic settings do not provide cookie-level filtering, you can use Log Analytics Workspace query capabilities to filter or mask cookies after the data is collected. However, this will require you to analyze and modify logs after they are written to the workspace rather than at the logging source.

    Please let us know if you have any further queries. I’m happy to assist you further.

     

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.