Logging

The Katalogue backend service and repository database emits logs. This section refers to logging configuration for the backend service, please consult the PostgreSQL documentation for configuring the postgres logs.

Katalogue logs both to local files (./logs folder for the service in the Docker container) and to console by default.

The following security-related information is logged:

• All errors are logged.
• All user authentication actions such as login and access token renewal, are logged (at the info loglevel).
• All data changes in Katalogue are logged to the public.changelog table along with the username of the user that performed the action.
• Optionally: All HTTP requests that hit the backend API can be logged to the public.http_requests database table. This feature is disabled by default due to performance considerations.

File logs are rotated automatically, but the public.changelog and http_requests tables must be cleansed manually.

Danger

Removing entries from the public.changelog table might breach referential integrity and will break the changelog timeline in the GUI.

Configuration

A few logging options in Katalogue can be configured through the GUI in the Settings -> Logging page:

• Log level. Only Info or Debug, other levels must be set through environment variables or config file.
• Enable/disable HTTP Request logging. If enabled, all HTTP requests to the backend service is logged to the public.http_requests table. This is primarily intended as a debugging feature as it will have a performance impact (each request results in two extra DB operations). In essence, the HTTP Request log captures the requested resource/endpoint, requestor (ip address and username if available), status and response time.

See the logging category in Configuration Parameters for all logging-related options.