iCompaas Support

Description:

HTTP logs for Azure App Services capture detailed information about HTTP requests to and from your web applications hosted in App Service. These logs are critical for monitoring, troubleshooting, and analyzing the performance and usage of your web applications. Enabling HTTP logging ensures that you can track request-response data, client IPs, response times, HTTP status codes, and other important request-related details.

Azure App Service allows you to enable detailed HTTP logging for diagnosing issues with your web app. These logs can be stored in Azure Blob Storage or Log Analytics and can be analyzed for performance bottlenecks, security issues, or usage patterns.

Rationale:

By enabling HTTP logs in Azure App Service, you can:

              Monitor and track HTTP requests and responses for your web application.

• Identify performance bottlenecks or errors in request handling.
  

• Detect security issues by monitoring for unexpected HTTP requests or malicious traffic.
  

• Analyze user behavior by reviewing request patterns and response times.
  

• Support troubleshooting by capturing detailed logs of HTTP traffic and errors.
  

Impact:

Enabling HTTP logging for Azure App Services allows you to capture valuable request data. However, logging can generate large volumes of data, especially for high-traffic web applications. This could result in increased storage costs, particularly if logs are stored for long periods or if the application generates high volumes of traffic. It's essential to configure the retention policies and monitor usage to control costs.

Default Value:

By default, HTTP logging for Azure App Service is disabled. You must manually configure logging to capture HTTP request details.

Pre-requisites:

• Azure subscription with an App Service plan configured.
  

• Owner or Contributor role permissions to enable logging.
  

• Log Analytics workspace or Azure Blob Storage setup as a destination for logs.
  

• App Service instance with HTTP logging requirements (production or development environments).
  

Audit:

1. Sign in to Azure portal as an Owner or Contributor.
   

2. Navigate to your Azure App Service and verify that HTTP logging is enabled.
   

3. Ensure that logs are being sent to the correct destination (Log Analytics or Blob Storage).
   

Implementation Steps (Automated):

1. Sign in to Azure portal:
   

   • Use an account with Owner or Contributor permissions.
     

2. Navigate to Azure App Service:
   

   • In the Azure portal, search for and select App Services.
     

   • Select the App Service for which you want to enable HTTP logging.
     

3. Navigate to Diagnostic Settings:
   

   • Under Monitoring, click Diagnostic settings.
     

   • In the Diagnostic settings pane, click + Add diagnostic setting to configure logging.
     

4. Enable HTTP Logs:
   

   • Under Log categories, select AppServiceHTTPLogs. This will enable HTTP logging for your app.
     

   • Choose the destination where the logs will be sent:
     

     • Log Analytics: Send the logs to a Log Analytics workspace for querying and monitoring.
       

     • Storage Account: Send the logs to Azure Blob Storage for long-term storage and access.
       

     • Event Hub: (Optional) Send logs to Event Hub if you want to forward them to a third-party SIEM.
       

5. Select Destination Settings:
   

   • For Log Analytics, choose the relevant Log Analytics workspace to store the logs.
     

   • For Storage Account, select the Storage Account and configure the retention and access policies.
     

6. Set Retention Policy:
   

   • Specify the log retention period depending on your organization's compliance and storage needs. Typically, HTTP logs should be retained for 30–90 days unless otherwise specified.
     

7. Review and Create:
   

   • Review the configuration and ensure that AppServiceHTTPLogs is selected and directed to the appropriate destination.
     

   • Click Save to apply the configuration and enable HTTP logging.
     

8. Verify Log Capture:
   

   • After enabling HTTP logging, generate traffic on your app (e.g., by accessing the application in a browser or making API requests).
     

   • Go to your Log Analytics workspace (or Storage Account) and verify that the HTTP logs are being captured.
     

Automate Logging Configuration with Azure CLI: You can automate the enabling of HTTP logging using Azure CLI. For example, to enable logging for an App Service and send the logs to Log Analytics:

az monitor diagnostic-settings create \

  --resource <App-Service-Resource-ID> \

  --name "AppServiceHTTPLogs" \

  --workspace <Log-Analytics-Workspace-ID> \

  --logs '[{"category": "AppServiceHTTPLogs", "enabled": true}]'

10. Set Up Alerts (Optional):
    

    • You can set up alerts in Azure Monitor based on the HTTP logs to get notified of issues like high response times or frequent error responses.
      

    • In Azure Monitor, go to Alerts and create a new alert rule based on the AppServiceHTTPLogs data.
      

Backout Plan (Automated):

1. Sign in to Azure portal:
   

   • Use an account with Owner or Contributor permissions.
     

2. Navigate to Azure App Service:
   

   • Go to your Azure App Service in the Azure portal.
     

3. Disable HTTP Logging:
   

   • In Diagnostic settings, locate the HTTP logging diagnostic setting.
     

   • Disable AppServiceHTTPLogs logging or remove the diagnostic setting entirely.
     

4. Verify Log Capture Stopped:
   

   • After disabling HTTP logging, check your Log Analytics workspace or Storage Account to ensure that logs are no longer being captured.
     

5. Test the Reverted Configuration:
   

   • Trigger traffic on your App Service (e.g., make requests to your application) and verify that no logs are generated or sent to the destination.
     

References:

• Azure App Service - Diagnostic Settings Overview
  

• Azure Monitor - Log Analytics Overview
  Enable App Service HTTP Logs