DRF API Logger: production request/response logging for Django REST Framework

Hi everyone,

I maintain DRF API Logger, an open-source package for Django REST Framework request/response logging.

The goal is to help DRF teams debug production APIs without writing custom logging middleware for every project.

It can log:

  • API URL and HTTP method
  • Request headers and body
  • Response body and status code
  • Client IP address
  • Execution time
  • Optional tracing/correlation metadata
  • Optional SQL profiling for slow API diagnosis

It also includes:

  • Sensitive data masking for passwords, tokens, API keys, authorization headers, cookies, etc.
  • Payload size limits to avoid storing very large request/response bodies
  • Background database logging with batched writes
  • Django admin search, filters, charts, CSV export, and slow API markers
  • ASGI-compatible logging
  • Endpoint-level policy controls for logging/masking behavior
  • Production diagnostics via a management command

Install:

pip install drf-api-logger

Links:

I would really appreciate feedback from Django/DRF developers, especially people running APIs in production:

  1. Would you use request/response logging like this in production?
  2. Are the masking and payload-limit defaults conservative enough?
  3. What would make this safer or easier to adopt?
  4. Are there docs, examples, or deployment guides you would expect before trusting it?
  5. Is there anything in this space that existing packages handle better?

I am trying to make this genuinely useful for the Django and DRF ecosystem, so feedback, criticism, and suggestions are welcome.