Enable conditional HTTP logging


#1

Hello community !

I looking for a solution for my specific need. I have HAproxy servers which are serving huge amount of traffic (peaks with more than 60000 req/s). Currently, HTTP logging is not enable for normal traffic (option dontlog-normal), traffic volume is to high to permit logging in good condition.

I’m looking for a solution to evaluate how many client are SNI compatible. This can be achieve with custom logging format with “%[ssl_fc_sni]”.

Do you know if there is a way to enable HTTP logging only when matching criteria (such as the presence of SNI host field) ?

Thanks!


#2

Hi,

You can use something like this:

http-request set-log-level silent if { ssl_fc_sni -m found }

That way request containing the SNI won’t be logged.