HAProxy – How to raise the log level of responses with status code above 400

haproxylogging

Here's my sample configuration:

frontend www-http
    bind *:80
    acl status_error status ge 400
    http-response set-log-level err if status_error
    default_backend www-backend

backend www-backend
    server backend 127.0.0.1:8080

With this config, all responses with status 200 are being logged but 400 and below isn't. If I remove the acl and http-response line, then everything is logged.

I've added those lines to the default config, and I didn't touch any rsyslog configuration. I've tested this in HAProxy 1.5.8 (Debian 8) and 1.6.3 (Ubuntu 16.04).

Best Answer

(It's four years later, but perhaps still relevant.)

Using HAProxy 2.2 this approach works for me to have conditional and HTTP-only requests/connection logging on one frontend:

global
  # 'notice' level as global minimum (does not include http request logs)
  log /dev/log local0 notice
  [...]

defaults
  log global

frontend myhttpsfrontend
  bind [...]
  mode http

  # enables logging of all HTTP requests at info level
  option httplog

  # raise loglevel from info to notice with status code >= 400
  http-response set-log-level notice if { status ge 400 }

I chose to have notice level globally, as TCP backends could be very noisy if the global level is info. Note that notice is a higher severity level than info in syslog; that was one part confusing me at first.

The condition if { status ge 400} is an inline expression as an example, but you could also use an ACL or some other condition of course.

Relevant basics on HAProxy logging in this blog: haproxy.com/blog: Introduction to HAProxy Logging.

Related Topic