Skip to content
Advertisement

Is there a way to extend the Spring Actuator logger and invoke it from my own controller?

Is there a way to extend the Spring Actuator logger and invoke it from my own controller, so that I can do some security validations? For example, something like this:

@RestController
public class MyLoggingController {

    @Autowired
    private ActuatorLogger logger; // not sure what the actual class name is

    @PostMapping("/loggers")
    public String setLoggeringLevel( @RequestBody String body ) {
        
        // do security validations 
        
        // set logging level
        logger.setLoggingLevel( ... ); // not sure what the actual method signature is
        
        return response;
    }

}

Advertisement

Answer

You can secure the endpoint using Spring Security. See Securing HTTP Endpoints.


If Spring Security is not an option and you do want to control logging in some other way, that actuator does not provide, you can take a look at LoggersEndpoint:

  • To control logging level it uses LoggingSystem / LoggerGroups
  • Here is a snippet of code that changes logging level:
    @WriteOperation
    public void configureLogLevel(@Selector String name, @Nullable LogLevel configuredLevel) {
        Assert.notNull(name, "Name must not be empty");
        LoggerGroup group = this.loggerGroups.get(name);
        if (group != null && group.hasMembers()) {
            group.configureLogLevel(configuredLevel, this.loggingSystem::setLogLevel);
            return;
        }
        this.loggingSystem.setLogLevel(name, configuredLevel);
    }
    
4 People found this is helpful
Advertisement