DRF API Logger

1.2.0 verified Fri May 01 auth: no python

An API Logger for Django Rest Framework that logs request/response details (headers, body, status, timing) to the database. Provides an admin panel to view and filter logs. v1.2.0 (2025-01) adds profiling for per-request latency breakdown. Release cadence: irregular, multiple minor releases per year.

pip install drf-api-logger

Common errors

error No module named 'drf_api_logger.middleware' ↓

cause The middleware was moved to a submodule in v1.0.0; importing from the root fails.

fix

Use from drf_api_logger.middleware import DRFApiLoggerMiddleware.

error django.db.utils.OperationalError: no such table: drf_api_logger_apilogsmodel ↓

cause The database table hasn't been created because migrations weren't run after adding the app.

fix

Run python manage.py migrate drf_api_logger.

error AttributeError: 'WSGIRequest' object has no attribute 'path_info' ↓

cause Using Django <1.9 (very old) or a non-WSGI environment; path_info may not be available.

fix

Upgrade Django to >=1.9 or set DRF_API_LOGGER_PATCH_ROOT_PATH_INFO = True (not a real setting; this is a known limitation).

Warnings

breaking In v1.2.0, profiling data is stored in extra database columns. If you upgrade from <1.2.0, you must run migrations (may require schema changes). ↓

fix Run `python manage.py migrate drf_api_logger` after upgrading.

gotcha The middleware logs request bodies, which can expose sensitive data. By default, it masks some commonly sensitive keys, but you must extend with DRF_API_LOGGER_SENSITIVE_DATA_MASK or set DRF_API_LOGGER_EXCLUDE_KEYS to avoid logging passwords, tokens, etc. ↓

fix Add `DRF_API_LOGGER_SENSITIVE_DATA_MASK = ['password', 'token', 'secret', ...]` in settings.

gotcha Static/media file requests may also be logged unless you configure DRF_API_LOGGER_SKIP_URLS or upgrade to v1.1.16+ which skips them by default. ↓

fix Upgrade to >=1.1.16 or add DRF_API_LOGGER_SKIP_URLS = ['/static/', '/media/'].

deprecated In v1.1.11 the middleware changed from `request.path` to `request.path_info`. If you have custom middleware relying on the old path, it may break. ↓

fix Use `request.path_info` instead of `request.path` in any custom extensions.

Imports

DRFApiLoggerMiddleware

wrong

from drf_api_logger import DRFApiLoggerMiddleware

correct

from drf_api_logger.middleware import DRFApiLoggerMiddleware

The middleware is in the middleware submodule, not the package root.

Quickstart

Add 'drf_api_logger' to INSTALLED_APPS, insert DRFApiLoggerMiddleware after CommonMiddleware, then migrate. The logs are viewable at /admin/drf_api_logger/apilogsmodel/

# settings.py
INSTALLED_APPS = [
    ...
    'drf_api_logger',
]

MIDDLEWARE = [
    ...
    'drf_api_logger.middleware.DRFApiLoggerMiddleware',
]

DRF_API_LOGGER_DATABASE = True  # defaults to True
DRF_API_LOGGER_SLOW_API_ABOVE = 200  # ms, optional
DRF_API_LOGGER_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE']

# Run migration after adding to INSTALLED_APPS
# python manage.py migrate