Contents
Configuration¶
logBee.Backend behavior can be customized by updating the Configuration\logBee.json file.
A full example of the logBee.json configuration file can be found here.
LogBeeBackend.BasicAuth.Password¶
The Basic HTTP authentication scheme password used to connect to LogBee.Backend application.
{
"LogBeeBackend.BasicAuth.Password": "_LogBeeBackend_authorization_password_"
}
LogBeeFrontend.BasicAuth.Password¶
The Basic HTTP authentication scheme password used to connect to logBee.Frontend application.
This property should have the same value as the same property from logBee.Frontend\Configuration\logBee.json.
{
"LogBeeFrontend.BasicAuth.Password": "_LogBeeFrontend_authorization_password_"
}
LogBeeBackendUrl¶
Root url pointing to logBee.Backend application.
{
"LogBeeBackendUrl": "http://logBee-backend.myapp.com/"
}
LogBeeFrontendUrl¶
Root url pointing to logBee.Frontend application.
{
"LogBeeFrontendUrl": "http://logBee.myapp.com/"
}
Database¶
{
"Database": {
"Provider": "MongoDb",
"MongoDb": {},
"AzureCosmosDb": {}
}
}
Database.Provider |
|
|---|---|
MongoDb |
Sets the database provider to MongoDB. |
AzureCosmosDb |
Sets the database provider to Azure CosmosDB. |
Database.MongoDb |
|---|
Required when “Database.Provider” is “MongoDb”. |
Database.AzureCosmosDb |
|---|
Required true when “Database.Provider” is “AzureCosmosDb”. |
Database.MongoDb¶
Configuration used to connect to MongoDB server.
{
"Database": {
"MongoDb": {
"ConnectionString": "mongodb://localhost:27017",
"DatabaseName": "LogBeeBackendDatabase"
},
}
}
Database.AzureCosmosDb¶
Configuration used to connect to Azure Cosmos DB service.
{
"Database": {
"AzureCosmosDb": {
"ConnectionString": "AccountEndpoint=https://logbee-database-nosql.documents.azure.com:443/;AccountKey={_your_account_key_};",
"ApplicationRegion": "West Europe",
"DatabaseName": "LogBeeBackendDatabase"
},
}
}
Files¶
{
"Files": {
"Provider": "MongoDb",
"MaximumFileSizeInBytes": 2097152,
"Azure": {}
}
}
Files.Provider |
|
|---|---|
MongoDb |
Sets the files storage provider to MongoDB. |
Azure |
Sets the files storage provider to Azure Storage container. |
Files.MaximumFileSizeInBytes |
|---|
Specifies the maximum file size (in bytes) which can be uploaded. |
Files.Azure |
|---|
Required when “Files.Provider” is “Azure” |
Files.Azure¶
Configuration used to connect to Azure Storage account.
{
"Files": {
"Azure": {
"ConnectionString": "DefaultEndpointsProtocol=https;AccountName=myfilesstorage;AccountKey=A889wNrmGpz74rT5kNg53VB==;EndpointSuffix=core.windows.net"
}
}
}
LogBeeFrontend¶
Configuration specific to logBee.Frontend application.
For better performance, logBee.Backend connects directly to the logBee.Frontend database.
All the values provided here must match the same values specified in logBee.Frontend\Configuration\logBee.json.
{
"LogBeeFrontend": {
"Database": {}
}
}
LogBeeFrontend.Database¶
{
"LogBeeFrontend": {
"Database": {
"Provider": "MongoDb",
"MySql": {
"ConnectionString": "server=localhost;port=3306;database=LogBeeFrontend;uid=<replace_user>;password=<replace_password>;Charset=utf8;"
},
"SqlServer": {
"ConnectionString": "Server=localhost;Database=LogBeeFrontend;User ID=<replace_user>;Password=<replace_password>;TrustServerCertificate=True;"
},
"MongoDb": {
"ConnectionString": "mongodb://localhost:27017?socketTimeoutMS=5000&connectTimeoutMS=5000",
"DatabaseName": "LogBeeFrontend"
}
}
}
}
LogBeeFrontend.Database.Provider |
|
|---|---|
MySql |
Sets the LogBee.Frontend database provider to MySql. |
SqlServer |
Sets the LogBee.Frontend provider to MS-SQL. |
MongoDb |
Sets the LogBee.Frontend provider to MongoDb. |
CreateRequestLog¶
{
"CreateRequestLog": {
"ValidateApplicationKeys": true,
"SaveInputStreamAsFileIfLengthGte": 5000,
"Ignore": {},
"Obfuscate": {},
"Truncate": {},
"Throttle": {}
}
}
CreateRequestLog.ValidateApplicationKeys |
|---|
If true, the
"ApplicationId" and "OrganizationId" are validated against existing records from the LogBee.Frontend database.This is useful if you want to prevent processing logs from applications which have been deleted in the LogBee.Frontend user-interface, but are still running.
|
CreateRequestLog.SaveInputStreamAsFileIfLengthGte |
|---|
If Request.InputStream content exceeds the length defined here, the value will be saved as a blob file.
This helps prevent saving excesive large objects in database.
|
CreateRequestLog.Ignore¶
{
"CreateRequestLog": {
"Ignore": {
"UrlPathPatterns": [ "(?si).js$", "(?si).css$", "(?si).map$", "(?si).xml$", "(?si).php$", "(?si).ttf" ],
"ResponseContentTypePatterns": [ "(?si)^application/javascript", "(?si)^image/", "(?si)^application/font-" ]
}
}
}
Ignore.UrlPathPatterns |
|---|
An array of Regex patterns used to identify requests which should be ignored based on the url path. |
Ignore.ResponseContentTypePatterns |
|---|
An array of Regex patterns used to identify requests which should be ignored based on the Response.Content-Type header. |
CreateRequestLog.Obfuscate¶
{
"CreateRequestLog": {
"Obfuscate": {
"IsEnabled": true,
"ObfuscateInputStream": false,
"Placeholder": "<obfuscated>",
"Patterns": [ "(?si)pass" ]
}
}
}
Obfuscate.IsEnabled |
|
|---|---|
true |
Request parameters are parsed and any matching properties will be obfuscated. |
false |
Obfuscation service is disabled. |
Obfuscate.ObfuscateInputStream |
|
|---|---|
true |
Request.InputStream will be parsed and any matching properties will be obfuscated.This method is expensive and can affect the latency of the application.
|
false |
Request.InputStream will not be parsed. |
Obfuscate.Placeholder |
|---|
Placeholder used to replace the sensitive properties matched by the Regex patterns. |
Obfuscate.Patterns |
|---|
An array of Regex patters which are used to identify potential sensitive data. |
CreateRequestLog.Truncate¶
Configuration used to truncate request log payloads.
Before saving to database, the request log will be truncated using the limits provided by this configuration.
{
"CreateRequestLog": {
"Truncate": {
"Files": {
"Limit": 5
},
"LogMessages": {
"Limit": 100,
"MessageMaxLength": 10000
},
"Exceptions": {
"Limit": 6,
"ExceptionMessageMaxLength": 500
},
"CustomProperties": {
"Limit": 10,
"KeyMaxLength": 20,
"ValueMaxLength": 100
},
"Keywords": {
"Limit": 6,
"KeywordMinLength": 5,
"KeywordMaxLength": 30
},
"RequestHeaders": {
"Limit": 20,
"KeyMaxLength": 100,
"ValueMaxLength": 1000
},
"RequestCookies": {
"Limit": 5,
"KeyMaxLength": 100,
"ValueMaxLength": 100
},
"RequestQueryString": {
"Limit": 30,
"KeyMaxLength": 100,
"ValueMaxLength": 1000
},
"RequestFormData": {
"Limit": 30,
"KeyMaxLength": 100,
"ValueMaxLength": 1000
},
"RequestServerVariables": {
"Limit": 30,
"KeyMaxLength": 100,
"ValueMaxLength": 1000
},
"RequestClaims": {
"Limit": 30,
"KeyMaxLength": 100,
"ValueMaxLength": 1000
},
"ResponseHeaders": {
"Limit": 30,
"KeyMaxLength": 100,
"ValueMaxLength": 1000
}
}
}
}
CreateRequestLog.Throttle¶
{
"CreateRequestLog": {
"Throttle": {
"Rules": [
{
"IsEnabled": false,
"Organizations": ["a754e353-a0f9-48ae-ad11-66470c70d0bf"],
"Applications": ["26e1cf75-5ad7-49cc-b48e-798b49dc41ba"],
"RemoteIpAddresses": ["2.127.71.193", "228.137.250.192"],
"Limits": [
{
"RequestLimit": 1,
"IntervalInSeconds": 5,
"StatusCodeLt": 400
}
]
}
]
}
}
}
Throttle.Rules[] |
|---|
A list of throttle rules to be applied when receiving a request log.
A rule can specify only one of
Organizations, Applications or RemoteIpAddresses filters.If a rule has no filters specified, the rule will apply for all the incoming requests.
|
Throttle.Rules[] |
|
|---|---|
IsEnabled |
Specifies if the rule is enabled. |
Organizations |
An array of organization ids for which the rule will apply. |
Applications |
An array of application ids for which the rule will apply. |
RemoteIpAddresses |
An array of IP addresses for which the rule will apply. |
Limits[] |
A list of throttle limits to be applied for the rule. |
Throttle.Rules[].Limits[] |
|
|---|---|
RequestLimit |
Specifies how many requests should be accepted in the specified interval of time. |
IntervalInSeconds |
Specifies the interval of time, in seconds, when the request limit is calculated. |
StatusCodeLt |
Specifies the “< Status Code” for which the request limit is applied. |
UrlTokenization¶
{
"UrlTokenization": {
"IgnoreTokenizationUrlPathPatterns": [ "(?si)^\/[0-9]+$" ],
"PathComponentTokenization": {
"Characters": [ "%", " ", ":", ",", ";", "+", "%", "&", "#", "(", ")", "@", "=", "<", ">", "{", "}", "\"", "'" ],
"Patterns": [ "(?si)(?:\\D*\\d){3}" ]
},
}
}
UrlTokenization.IgnoreTokenizationUrlPathPatterns |
|---|
An array of Regex patterns for which the url tokenization will not be activated.
Example: [ "(?si)^\/home\/error-(?:[0-9])+$" ]
Because the url "/Home/Error-404" is matched by the regex, url tokenization will not be activated.
"/Home/Error-404" ---> "/Home/Error-404"
|
UrlTokenization.PathComponentTokenization.Characters |
|---|
If an url path contains any of the specified characters in this array, the path will be considered a parameter.
Example: [ ":" ]
Because the url path "/D1:P7:00A" contains ":" character, it will be considered a parameter.
"/api/reports/generate/D1:P7:00A" ---> "/api/reports/generate/{0}"
|
UrlTokenization.PathComponentTokenization.Patterns |
|---|
An array of Regex patterns used to identify parameters inside url paths
Example: [ "(?si)(?:\\D*\\d){3}" ]
Because the url path "/APP-002" is matched by the regex (contains 3 digits), it will be considered a parameter.
"/api/reports/generate/APP-002" ---> "/api/reports/generate/{0}"
|
TimeToLive¶
Specifies for how long the captured logs and other data entities should be kept in database.
The time to live value can be specified in Days, Hours or Minutes.
{
"TimeToLive": {
"RequestLog": [
{
"StatusCodeLt": 400,
"Minutes": 2880
},
{
"StatusCodeLt": 500,
"Hours": 96
},
{
"StatusCodeLt": 600,
"Days": 6
}
],
"AlertDefinitionInvocation": {
"Days": 30
},
"ApplicationAlert": {
"Days": 30
},
"ApplicationChartData": {
"Days": 30
},
"ApplicationData": {
"Days": 30
},
"ApplicationEndpoint": {
"Days": 30
},
"ApplicationException": {
"Days": 30
},
"ApplicationUsage": {
"Days": 180
},
"ApplicationUser": {
"Days": 30
},
"HttpRefererDestination": {
"Days": 30
},
"HttpRefererSource": {
"Days": 30
}
}
}
UserAgentParserProvider¶
Sets the provider which is used to parse the User-Agent header and display additional information about the Browser/OS.
{
"UserAgentParserProvider": null
}
UserAgentParserProvider |
|
|---|---|
null
(recommended)
|
The functionality of parsing the user-agent is disabled. |
DeviceDetectorNet |
Uses the DeviceDetector.NET user-agent parser.
This provider tends to be relatively slow and can cause performance degradation for applications processing large volumes of logs.
|
ApplicationSettings¶
ApplicationSettings.DeleteApplicationDataByExpiryDate¶
{
"ApplicationSettings": {
"DeleteApplicationDataByExpiryDate": {
"TriggerIntervalInMinutes": 180
}
}
}
DeleteApplicationDataByExpiryDate.TriggerIntervalInMinutes |
|---|
Specifies the interval of time in which the delete application data service is executed. |
ApplicationSettings.ProcessQueues¶
{
"ApplicationSettings": {
"ProcessQueues": {
"TriggerIntervalInSeconds": 10,
"Take": 100
}
}
}
ProcessQueues.TriggerIntervalInSeconds |
|---|
Specifies the interval in which the entities saved in memory (queue) should be inserted in database. |
ProcessQueues.Take |
|---|
Specifies how many items from queue should be processed at the specified interval of time. |
ApplicationSettings.ProcessAlerts¶
{
"ApplicationSettings": {
"ProcessAlerts": {
"TriggerIntervalInSeconds": 10
}
}
}
ProcessAlerts.TriggerIntervalInSeconds |
|---|
Specifies the interval in which the alerts are evaluated against the received request logs. |
For technical support, questions or any feedback, please feel free to send us a message and we will get back to you.