Hi everyone,
I maintain DRF API Logger, an open-source package for Django REST Framework request/response logging.
The goal is to help DRF teams debug production APIs without writing custom logging middleware for every project.
It can log:
- API URL and HTTP method
- Request headers and body
- Response body and status code
- Client IP address
- Execution time
- Optional tracing/correlation metadata
- Optional SQL profiling for slow API diagnosis
It also includes:
- Sensitive data masking for passwords, tokens, API keys, authorization headers, cookies, etc.
- Payload size limits to avoid storing very large request/response bodies
- Background database logging with batched writes
- Django admin search, filters, charts, CSV export, and slow API markers
- ASGI-compatible logging
- Endpoint-level policy controls for logging/masking behavior
- Production diagnostics via a management command
Install:
pip install drf-api-logger
Links:
- GitHub: GitHub - vishalanandl177/DRF-API-Logger: An API Logger for your Django Rest Framework project. · GitHub
- PyPI: drf-api-logger · PyPI
I would really appreciate feedback from Django/DRF developers, especially people running APIs in production:
- Would you use request/response logging like this in production?
- Are the masking and payload-limit defaults conservative enough?
- What would make this safer or easier to adopt?
- Are there docs, examples, or deployment guides you would expect before trusting it?
- Is there anything in this space that existing packages handle better?
I am trying to make this genuinely useful for the Django and DRF ecosystem, so feedback, criticism, and suggestions are welcome.