Keep It Simple and Stupid replacement of Sentry for error logging in django project.
A Django application that logs HTTP 500 errors to the database, capturing detailed context including user information, request details, and POST data.
- Automatic Error Logging: Captures all unhandled exceptions (HTTP 500 errors)
- User Context: Logs the authenticated user when the error occurred
- Request Details: Captures path, method, headers, IP address, and query string
- POST Data Logging: Saves POST/PUT/PATCH payloads with sensitive field redaction
- Large Payload Protection: Filters out POST payloads larger than 100KB
- HTML Traceback: Stores Django's debug error page HTML for detailed debugging
- User Impersonation: Link to impersonate the user and reproduce the error (optional)
- Django Admin Integration: View and manage error logs through Django admin
pip install django-error-loggerAfter installation, integrate into your Django project:
Edit settings.py:
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# ... your other apps ...
'error_logger', # Add this
]Edit settings.py:
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
# ... your other middleware ...
'error_logger.middleware.ErrorLoggingMiddleware', # Add at the end
]Edit your main urls.py:
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path('admin/', admin.site.urls),
# ... your other URLs ...
path('error-logger/', include('error_logger.urls')), # Add this
]python manage.py migrate error_logger# Start your Django server
python manage.py runserver
# Trigger a test error (development only!)
curl http://localhost:8000/error-logger/test/500/
# Check Django admin
open http://localhost:8000/admin/error_logger/errorlog/To access the error logger views (such as the error log list, details, and test endpoints), users must be logged in and have the error_logger.view_errorlog permission. This permission is automatically created when you run migrations.
You can assign this permission to users or groups via the Django admin interface:
- Go to the Django admin at /admin/.
- Navigate to Users or Groups.
- Select a user or group.
- In the permissions section, check the box for Can view error log under the Error logger app.
- Save the changes.
Alternatively, you can assign permissions programmatically in your code or via fixtures.
Note: Only users with this permission can access the error logger URLs. Ensure your authentication system is properly configured.
To enable the "impersonate user" feature in admin:
pip install django-suThen add to settings.py:
INSTALLED_APPS = [
# ...
'django_su',
'error_logger',
]And add to urls.py:
urlpatterns = [
# ...
path('su/', include('django_su.urls')),
]Before deploying to production:
- Remove Test Endpoints: Comment out or remove test views in
error_logger/views.py - Access Control: Ensure only admin users can access
/error-logger/URLs - Log Cleanup: Implement a strategy to clean up old error logs
- Review Sensitive Fields: Customize the
SENSITIVE_FIELDSlist for your app - Database Size: Monitor error log table size
The following fields are automatically redacted in POST data logs:
password,password1,password2,old_password,new_passwordtoken,access_token,refresh_token,api_key,secretcredit_card,cvv,ssn,pin
You can customize this list in middleware.py:
SENSITIVE_FIELDS = [
'password', 'token', 'api_key', 'secret',
# Add your custom sensitive fields here
]By default, POST payloads larger than 100KB are not logged in full. You can adjust this in middleware.py:
MAX_POST_SIZE = 100 * 1024 # 100KB (default)
# MAX_POST_SIZE = 1024 * 1024 # 1MBAccess the error logs through Django admin at /admin/error_logger/errorlog/
Features:
- List view with error type, time, user, path, and method
- Filter by error type, time, and method
- Search by error message, path, or username
- Detail view with full traceback and HTML error page
- "Open in Full Page" button to view the HTML traceback
- "Impersonate and visit error page" button (requires
django_su)
Access these endpoints at /error-logger/test/:
URL: /error-logger/test/500/
Triggers a ZeroDivisionError to test basic error logging.
curl http://localhost:8000/error-logger/test/500/URL: /error-logger/test/value-error/
Triggers a ValueError with a custom message.
curl http://localhost:8000/error-logger/test/value-error/URL: /error-logger/test/key-error/
Triggers a KeyError by accessing a non-existent dictionary key.
curl http://localhost:8000/error-logger/test/key-error/URL: /error-logger/test/post-error/
Tests error logging with POST data including sensitive fields (password, token).
Form Fields:
username: Regular text fieldpassword: Will be redacted in logsemail: Email fieldtoken: Will be redacted in logs
Usage:
- Visit the URL in your browser
- Fill out the form (pre-populated with test data)
- Submit the form to trigger an error
- Check Django admin to see POST data with sensitive fields redacted
cURL Example:
curl -X POST http://localhost:8000/error-logger/test/post-error/ \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=testuser&password=secret123&email=test@example.com&token=abc123"URL: /error-logger/test/large-post-error/
Tests error logging with a large POST payload (150KB) that exceeds the logging limit.
Form Fields:
username: Regular text fieldpassword: Will be redacted in logslarge_field: Pre-filled with 150KB of data
Usage:
- Visit the URL in your browser
- Submit the form (large_field is pre-populated)
- Check Django admin to see that POST data size is logged but content is not
Expected Result:
The error log's additional_info should contain:
{
"post_data": {
"error": "POST payload too large to log",
"size_bytes": 153600,
"size_kb": 150.0,
"size_mb": 0.15
}
}| Field | Type | Description |
|---|---|---|
user |
ForeignKey | User who encountered the error (null if anonymous) |
error_message |
TextField | Plain text exception message |
error_type |
CharField | Exception class name (e.g., "ValueError") |
traceback |
TextField | Plain text Python traceback |
html_traceback |
TextField | HTML version of Django's debug page |
error_time |
DateTimeField | When the error occurred |
path |
CharField | Request path |
method |
CharField | HTTP method (GET, POST, etc.) |
user_agent |
CharField | User's browser/client |
ip_address |
GenericIPAddressField | Client IP address |
query_string |
TextField | URL query parameters |
additional_info |
JSONField | POST data and request headers |
- Sensitive Data: Always review the
SENSITIVE_FIELDSlist to ensure all sensitive data in your application is redacted - Access Control: Error logs contain sensitive information. Ensure only authorized users (admin group) can access them
- Test Endpoints: Remove or restrict access to test endpoints in production
- Database Storage: Error logs can accumulate. Implement a cleanup strategy (e.g., delete logs older than 90 days)
- HTML Traceback: Contains full request context. Ensure admin access is properly secured
- Django 3.2+
- Python 3.8+
django_su(for user impersonation feature)
AGPL-3.0