Logging incoming Keycloak Requests in Docker Container

Question

I am currently working on a personal project and would like to implement a honeypot for Keycloak, as I have not found a framework offering this (please correct me if I am wrong). The idea is to have Keycloak running and log all incoming HTTP Requests (including Headers, Body, etc..). Currently I have Keycloak running within docker. So far I have not found a suitable solution and would really appreciate your help. Here is the docker-compose.yml

version: '3'

volumes:
  postgres_data:
      driver: local

services:
  postgres:
      image: postgres
      volumes:
        - postgres_data:/var/lib/postgresql/data
      environment:
        POSTGRES_DB: keycloak
        POSTGRES_USER: keycloak
        POSTGRES_PASSWORD: password
  keycloak:
      image: quay.io/keycloak/keycloak:latest
      environment:
        DB_VENDOR: POSTGRES
        DB_ADDR: postgres
        DB_DATABASE: keycloak
        DB_USER: keycloak
        DB_SCHEMA: public
        DB_PASSWORD: password
        KEYCLOAK_USER: user
        KEYCLOAK_PASSWORD: Pa55w0rd
        KEYCLOAK_ADMIN: admin
        KEYCLOAK_ADMIN_PASSWORD: password
      entrypoint: /opt/keycloak/bin/kc.sh start-dev
      ports:
        - 8080:8080
      depends_on:
        - postgres

This may answer your question: https://stackoverflow.com/a/68220910/2778422 — zaerymoghaddam, Jun 28 '22 at 06:56

score 1 · Answer 1 · answered Mar 07 '23 at 10:05

1

You can add this env variable in your docker-compose file:

QUARKUS_HTTP_ACCESS_LOG_ENABLED: "true"

If you want to log also the headers for all the incoming requests, also add thie env:

QUARKUS_HTTP_ACCESS_LOG_PATTERN: "%r\n%{ALL_REQUEST_HEADERS}"

answered Mar 07 '23 at 10:05

Haritz Saiz Sierra

11
1

Logging incoming Keycloak Requests in Docker Container

1 Answers1