Skip to content

chore: remove db audit logging as it is handled by apitally#334

Open
suvanbanerjee wants to merge 1 commit into
mainfrom
chore/disable-audit
Open

chore: remove db audit logging as it is handled by apitally#334
suvanbanerjee wants to merge 1 commit into
mainfrom
chore/disable-audit

Conversation

@suvanbanerjee

@suvanbanerjee suvanbanerjee commented Jun 29, 2026

Copy link
Copy Markdown
Member

Pull Request

Description

Remove the RequestLoggerMiddleware (db audit logging), as request logging is now handled by Apitally. This eliminates the Failed to log request to DB: Database client not found in app state Sentry events which were the dominant source of Sentry quota consumption (~101K out of 140K total requests in the last 90 days), mostly triggered by automated scanners hitting 404 endpoints.

How Has This Been Tested?

Tested locally by removing the audit middleware and sending a 404 request, confirmed no sentry error via local logs.

  • Yes

Checklist:

  • My code follows OCF's coding style guidelines
  • I have performed a self-review of my own code
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked my code and corrected any misspellings

@suvanbanerjee suvanbanerjee self-assigned this Jun 29, 2026

@peterdudfield peterdudfield left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wait

allow_methods=["*"],
allow_headers=["*"],
)
if conf.get_string("backend.source") != "dataplatform":

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so this doesnt run for the dataplatform background.

What services are we getting this error for?

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you see what API we are getting this warning from

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks like they are hitting out server ip directly and not api.quartz.solar

image

uk-api on sentry has around 52k events in devleopemnt and 49.5k events on prod,

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and do you know which api it is?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@peterdudfield I'm not entirely sure which environment is firing these, here's what I found:

I found this request in Sentry hitting http://54.155.28.70/:
sentry request

When I visited http://54.155.28.70/docs it only serves substations endpoints, which points to uk-development-quartz-api with ROUTERS=substations:
substations docs

However when I checked the AWS config for uk-development-quartz-api, it has SOURCE=dataplatform, which means the audit middleware guard skips it entirely:
source config

So I'm not sure how it's still firing, do you have any idea what I'm missing here?

@suvanbanerjee suvanbanerjee Jun 29, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

on thing, not sure might be the cause, that the API version running on EBS is currently on 0.3.27 (fetched from EBS logs and checked on teraform)

image

and this dataplatfom exclusion code was added in d0f7eb1 on 27may (around a month back)

image

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah ok, so we need to upgrade the substation api, from 0.3.27 to the latest. Would that solve it?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes it should

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants