httplog
httplog is a Ruby gem that intercepts and logs outgoing HTTP requests from your application for debugging purposes. It supports multiple HTTP libraries and provides configurable logging output including requests, responses, headers, and benchmarks. It is explicitly not recommended for production use due to monkey-patching the underlying HTTP implementations.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | trusche/httplog |
| Owner | trusche |
| Primary language | Ruby |
| License | MIT — OSI-approved |
| Stars | 827 |
| Forks | 79 |
| Open issues | 1 |
| Latest release | v1.8.0 (2026-01-13) |
| Last updated | 2026-02-23 |
| Source | https://github.com/trusche/httplog |
What httplog is
httplog hooks into popular Ruby HTTP libraries (Net::HTTP, Ethon, Excon, HTTParty, Faraday, etc.) via monkey-patching to capture request/response lifecycle events. It logs to a configurable logger with options for compact, JSON, and Graylog formats, plus parameter filtering and URL pattern matching. The gem requires Ruby >= 2.6 and is maintained as a development-only tool.
Get the httplog source
Clone the repository and explore it locally.
git clone https://github.com/trusche/httplog.gitcd httplog# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Require httplog *after* your HTTP library to ensure hooks are installed correctly.
- Configure in a Rails initializer (e.g., config/initializers/httplog.rb) scoped to development/test environments only.
- Use parameter filtering (config.filter_parameters) to avoid logging credentials or sensitive data; note that filtering only applies to URL and header parameters, not JSON request bodies.
- Choose output format (plain, compact, JSON, Graylog) based on your logging stack and noise tolerance.
- Set URL allowlist/denylist patterns if certain endpoints produce excessive noise or should not be logged.
When to avoid it — and what to weigh
- Production Workloads — The README explicitly warns against production use; monkey-patching introduces performance overhead and unforeseen interactions with HTTP libraries in production environments.
- Non-Ruby Applications — httplog is Ruby-specific and cannot be integrated into non-Ruby services; alternatives exist for other languages (e.g., curl logging, Wireshark, proxy tools).
- Binary Protocol Logging — The gem does not log binary response bodies and converts text to UTF-8 with character replacement; if you need raw byte-level inspection, use network-level tools instead.
- High-Concurrency or Streaming Scenarios — No explicit mention of thread-safety or support for asynchronous/streaming HTTP patterns; suitability for these use cases requires review.
License & commercial use
Licensed under the MIT License, which is a permissive OSI-approved license allowing commercial use, modification, and distribution with minimal restrictions.
MIT license permits commercial use. However, this tool is explicitly recommended only for development/debugging environments. Deploying it in a production commercial service would violate the intended use case and introduce risk; ensure it is disabled or removed before production deployment.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Good |
| Assessment confidence | High |
Monkey-patching HTTP implementations creates a large attack surface if httplog itself were compromised; mitigate by using only in development and strictly controlling gem dependencies. Parameter filtering provides basic PII redaction for URL and headers, but does not filter JSON bodies or response data. Review filter_parameters configuration to ensure sensitive keys are covered. No explicit vulnerability history found in provided data; requires audit of gem release history.
Alternatives to consider
Rails Logger + Net::HTTP Instrumentation
Use native Rails request logging or ActiveSupport::Notifications hooks to avoid monkey-patching; provides similar visibility with less risk.
Faraday Middleware (e.g., faraday-detailed_logger)
If using Faraday, middleware-based logging is more explicit and less invasive than global monkey-patching.
Network Proxies (Charles, Fiddler, mitmproxy)
For low-level HTTP inspection across any language and library, use network-level interception; offers binary support and protocol-level detail.
Build on httplog with DEV.co software developers
Our team specializes in Ruby development and API integration. Let us help you set up robust logging and troubleshooting for your HTTP interactions.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
httplog FAQ
Can I use httplog in production?
Does httplog log request bodies?
Which HTTP libraries does httplog support?
How do I prevent logging of specific endpoints or sensitive data?
Software development & web development with DEV.co
Need help beyond evaluating httplog? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source observability integrations — and maintain them long-term.
Need Help Integrating httplog or Debugging Ruby APIs?
Our team specializes in Ruby development and API integration. Let us help you set up robust logging and troubleshooting for your HTTP interactions.