Configuration
Flow order
This is the flow order and terminology in gecholog.
Configuration Fields
This is an example of the /app/conf/gl_config.json file. It's the main config file for gecholog.
{
"version": "0.92.1",
"log_level": "INFO",
"license_file": "./app/conf/license.json",
"tls": {
"ingress": {
"enabled": false,
"certificate_file": "",
"private_key_file": ""
},
"outbound": {
"insecure": false,
"system_cert_pool": true,
"cert_files": []
}
},
"service_bus": {
"hostname": "localhost:4222",
"topic": "coburn.gl.gecholog",
"topic_exact_isalive": "coburn.gl.isalive",
"topic_exact_logger": "coburn.gl.logger",
"token": "${NATS_TOKEN}"
},
"gl_port": 5380,
"session_id_header": "Session-Id",
"masked_headers": [
"Authorization",
"Api-Key"
],
"remove_headers": [
"Content-Length"
],
"routers": [
{
"path": "/echo/",
"ingress": {
"headers": {}
},
"outbound": {
"url": "https://localhost",
"endpoint": "",
"headers": {
"Content-Type": [
"application/json"
]
}
}
},
{
"path": "/service/standard/",
"ingress": {
"headers": {
"Content-Type": [
"application/json"
]
}
},
"outbound": {
"url": "${AISERVICE_API_BASE}",
"endpoint": "",
"headers": {
"Content-Type": [
"application/json"
]
}
}
},
{
"path": "/service/capped/",
"ingress": {
"headers": {
"Content-Type": [
"application/json"
]
}
},
"outbound": {
"url": "${AISERVICE_API_BASE}",
"endpoint": "",
"headers": {
"Content-Type": [
"application/json"
]
}
}
},
{
"path": "/restricted/",
"ingress": {
"headers": {
"Content-Type": [
"application/json"
],
"Api-Key": [
"${GECHOLOG_API_KEY}"
]
}
},
"outbound": {
"url": "${AISERVICE_API_BASE}",
"endpoint": "",
"headers": {
"Content-Type": [
"application/json"
],
"Api-Key": [
"${AISERVICE_API_KEY}"
]
}
}
}
],
"request": {
"processors": [
[
{
"name": "token_counter",
"modifier": false,
"required": false,
"async": false,
"input_fields_include": [
"ingress_payload",
"gl_path"
],
"input_fields_exclude": [],
"output_fields_write": [
"control"
],
"service_bus_topic": "coburn.gl.tokencounter",
"timeout": 50
}
]
]
},
"response": {
"processors": [
[
{
"name": "token_counter",
"modifier": false,
"required": false,
"async": true,
"input_fields_include": [
"inbound_payload",
"gl_path"
],
"input_fields_exclude": [],
"output_fields_write": [
"token_count"
],
"service_bus_topic": "coburn.gl.tokencounter",
"timeout": 50
}
]
]
},
"logger": {
"request": {
"fields_include": [],
"fields_exclude": []
},
"response": {
"fields_include": [],
"fields_exclude": []
}
}
}
| Field | Description |
|---|---|
| gl_port | Port number for the service. |
| license_file | Path to the license file. |
| logger | Configuration for logging filters |
| log_level | One of DEBUG INFO WARN ERROR |
| masked_headers | List of headers to obfuscate in logs and to processors. |
| remove_headers | List of headers to remove at ingress, outbound, inbound and egress. |
| response | Configuration for response processors. |
| request | Configuration for request processors. |
| routers | Definitions of ingress and outbound routing paths. |
| service_bus | Configuration for the service bus connection and topics. |
| session_id_header | Header name for Session ID. |
| tls | TLS settings |
| version | The config file conforms to this specification |
Why that default port? GECHO -> GE8O -> 5380.
environment variables
gecholog supports environment variables described in section Environment Variables.
TLS
Object to set TLS configuration. For more information about tls see Section TLS.
{
"tls": {
"ingress": {
"enabled": false,
"certificate_file": "./app/conf/cert.pem",
"private_key_file": "./app/conf/key.pem"
},
"outbound": {
"insecure": false,
"system_cert_pool": true,
"cert_files": [ ]
}
}
}
Ingress tls
| Field | Description |
|---|---|
| certificate_file | .pem certificate file |
| enabled | enable=true to accept ingress https |
| private_key_file | .pem private key file |
Outbound tls
| Field | Description |
|---|---|
| cert_files | Array of paths/filenames to ca.crt files |
| insecure | insecure=true to accept insecure outbound https |
| system_cert_pool | system_cert_pool=true to append system provided certs |
service_bus
| Field | Description |
|---|---|
| hostname | hostname:port to nats |
| token | Access token to nats |
| topic | Main topic for gecholog on the service bus. |
| topic_exact_isalive | Topic for checking if the gecholog service is alive. |
| topic_exact_logger | Subscribe to this topic for all the gecholog logs! |
routers
the router field contains an array of routers, add as many as you like.
The /echo/ router is a special case router, disregarding any outbound URL and simply echoing back the ingress payload. However, standard processing rules, filtering, etc., still apply. This router provides a convenient method for testing your settings and processors without utilizing LLM-APIs.
Each router configuration object needs to have the following structure:
{
"path": "/service/capped/",
"ingress": {
"headers": {
"Content-Type": [
"application/json"
]
}
},
"outbound": {
"url": "https://your.openai.azure.com/",
"endpoint": "",
"headers": {
"Content-Type": [
"application/json"
]
}
}
}
Router Configuration
The router configuration consists of two main sections, ingress and outbound, each defined with specific paths, URLs, and headers.
| Field | Description |
|---|---|
| path | The /yourpath/ for incoming requests to gecholog. |
| ingress | Details for ingress |
| outbount | Details for outbound |
path need starting and ending / like /mypath/subpath/ or /anotherpath/.
Ingress Configuration
| Field | Description |
|---|---|
| headers | Array of mandatory headers, can be left empty. |
Outbound Configuration
| Field | Description |
|---|---|
| endpoint | Mostly left empty. Optional additional path to add to the outbound url. |
| url | The target URL where the application sends outbound traffic. |
| headers | Array of static headers that will be included in the outbound request, can be left empty. |
For more information about headers see section Headers.
The final outbound URL is determined by considering several elements: 1) the outbound->url, 2) outbound->endpoint (if it exists), 3) the path following ingress->path, and 4) any ingress query parameters.
request & response processors
Both request and response objects contain an array of array of processors
Sequential Processors A,B,C (assuming all have sync=true)
[
[A],
[B],
[C]
]
Parallel processors A1, A2 (assuming both have sync=true)
[
[A1, A2]
]
For more information about processor ordering se section Processor Rules.
Processor example
Each processor has the following structure:
{
"name": "spacy_entities",
"modifier": false,
"required": false,
"async": true,
"input_fields_include": [ "outbound_payload" ],
"input_fields_exclude": [ ],
"output_fields_write": [ "spacy_entities" ],
"service_bus_topic": "coburn.gl.spacyentities",
"timeout": 1000
}
| Field | Description |
|---|---|
| name | Name of the processor. |
| modifier | true if it can modify but not create fields. false if it can create but not modify. |
| required | Mark if processor execution is mandatory. WARNING - if not executed -> no log! |
| async | true for post-processor. false for realtime. |
| input_fields_include | List of fields from request/response objects sent to processor. Empty -> all fields. |
| input_fields_exclude | Opposite of include. Fields to exclude. Empty means no excluded. |
| output_fields_write | Fields in request/response objects processor can write to. |
| service_bus_topic | Topic in the service bus for requests to processor. |
| timeout | Timeout value for the processor in milliseconds. |
logger
The logger section has two sub-sections, request and response, each with:
| Field | Description |
|---|---|
| fields_include | Fields to include in the log. |
| fields_exclude | Fields to exclude from the log. |
ginit process manager
The gecholog container is controlled by the ginit service. It is not recommended to make any changes to /app/conf/ginit_config.json. The service manager ginit is responsible for monitoring configuration files, managing and restarting the services and printing the container system log. By default the container will die if the following services are unhealthy
glnats-servernats2file
And these services are allowed to be idle
guinats2logtokencounter
gui web interface configuration
The gecholog container runs the gui web interface service. Settings such as port and TLS certificates can be set in the /app/conf/gui_config.json file
{
"secret": "${GUI_SECRET}",
"failed_authentication_limit": 5,
"tls": {
"ingress": {
"enabled": false,
"certificate_file": "",
"private_key_file": ""
}
},
"gui_port": 8080
}
It is recommended not to edit other settings of the /app/conf/gui_config.json configuration file.