feat: 로깅 체계 구축 JSON stdout, MDC 구현, tomcat access log 설정 추가

* feat: json로그 인코더 의존성 추가, yml dev프로필 과도한 로깅레벨 정리, 로그 파일 생성 설정 추가

* feat: logback-spring xml설정 추가, requestIdFilter try-catch 동작 수정

* feat: threadLocal 로깅 컨텍스트에 mdc로 userId추적

* refactor: securityConfig에서 필터순서 명시

* feat: tomcat access log yml설정 추가

Author: gksdud1109

backend/.gitignore

@@ -59,3 +59,6 @@ src/main/resources/application-perf.yml
 
 ### querydsl ###
 src/main/generated/
+
+### Logs ###
+logs/*.log

backend/build.gradle.kts

@@ -76,6 +76,9 @@ dependencies {
     annotationProcessor("jakarta.annotation:jakarta.annotation-api")
     annotationProcessor("jakarta.persistence:jakarta.persistence-api")
 
+    // logstash logback encoder
+    implementation("net.logstash.logback:logstash-logback-encoder:7.4")
+
 
 }
 

backend/src/main/java/com/back/global/config/SecurityConfig.java

@@ -18,6 +18,7 @@
 
 import com.back.global.error.code.AuthErrorCode;
 import com.back.global.error.code.ErrorCode;
+import com.back.global.logging.RequestIdFilter;
 import com.back.global.properties.CorsProperties;
 import com.back.global.response.ApiResponse;
 import com.back.global.security.CustomAuthenticationFilter;
@@ -37,7 +38,12 @@ public class SecurityConfig {
 	private final ObjectMapper objectMapper;
 
 	@Bean
-	SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+	public RequestIdFilter requestIdFilter() {
+		return new RequestIdFilter();
+	}
+
+	@Bean
+	SecurityFilterChain filterChain(HttpSecurity http, RequestIdFilter requestIdFilter) throws Exception {
 		http
 
 			.cors(cors -> cors.configurationSource(corsConfigurationSource()))
@@ -77,7 +83,10 @@ SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 				})
 			);
 
-		http.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
+		// MDC RequestId로깅용 필터 클래스 순서보장
+		http.addFilterBefore(requestIdFilter, UsernamePasswordAuthenticationFilter.class);
+		// MDC에서 requestId식별 후에 authenticationFilter적용
+		http.addFilterAfter(authenticationFilter, RequestIdFilter.class);
 
 		return http.build();
 	}

backend/src/main/java/com/back/global/logging/MdcContext.java

@@ -0,0 +1,31 @@
+package com.back.global.logging;
+
+import org.slf4j.MDC;
+
+public final class MdcContext {
+
+	private MdcContext() {
+	}
+
+	public static void putUserId(Long userId) {
+		if (userId != null) {
+			MDC.put("userId", String.valueOf(userId));
+		}
+	}
+
+	public static void putEventId(Long eventId) {
+		if (eventId != null) {
+			MDC.put("eventId", String.valueOf(eventId));
+		}
+	}
+
+	public static void putSeatId(Long seatId) {
+		if (seatId != null) {
+			MDC.put("seatId", String.valueOf(seatId));
+		}
+	}
+
+	public static void removeUserId() {
+		MDC.remove("userId");
+	}
+}

backend/src/main/java/com/back/global/logging/RequestIdFilter.java

@@ -0,0 +1,43 @@
+package com.back.global.logging;
+
+import java.io.IOException;
+import java.util.Optional;
+import java.util.UUID;
+
+import org.slf4j.MDC;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+/**
+ * @Component등록 없이 SecurityConfig에서 명시적으로 빈으로 등록 후 활용
+ * Security FilterChain에서 확실하게 순서보장 목적
+ */
+public class RequestIdFilter extends OncePerRequestFilter {
+
+	private static final String HEADER = "X-Request-Id";
+
+	@Override
+	protected void doFilterInternal(
+		HttpServletRequest request,
+		HttpServletResponse response,
+		FilterChain filterChain
+	) throws ServletException, IOException {
+
+		String requestId = Optional.ofNullable(request.getHeader(HEADER))
+			.filter(id -> !id.isBlank())
+			.orElse(UUID.randomUUID().toString());
+
+		MDC.put("requestId", requestId);
+		response.setHeader(HEADER, requestId);
+
+		try {
+			filterChain.doFilter(request, response);
+		} finally {
+			MDC.remove("requestId");
+		}
+	}
+}

backend/src/main/java/com/back/global/security/CustomAuthenticationFilter.java

@@ -21,6 +21,7 @@
 import com.back.global.error.code.AuthErrorCode;
 import com.back.global.error.exception.ErrorException;
 import com.back.global.http.CookieManager;
+import com.back.global.logging.MdcContext;
 
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -119,7 +120,14 @@ private void authenticate(
 
 		SecurityContextHolder.getContext().setAuthentication(authentication);
 
-		filterChain.doFilter(request, response);
+		// 인증 성공 이후에 MDC 로그 컨텍스트에 userId추가, SecurityContext와 별개
+		MdcContext.putUserId(userId);
+
+		try {
+			filterChain.doFilter(request, response);
+		} finally {
+			MdcContext.removeUserId(); // 다음 스레드 재사용을 위해 반드시 제거
+		}
 	}
 
 	private String resolveAccessToken(HttpServletRequest request) {

backend/src/main/resources/application-dev.yml

@@ -7,7 +7,6 @@ spring:
     database-platform: org.hibernate.dialect.PostgreSQLDialect
     hibernate:
       ddl-auto: create-drop
-
 security:
   password:
     bcrypt-strength: 4

backend/src/main/resources/application.yml

@@ -16,7 +16,7 @@ spring:
         default_batch_fetch_size: 100
     hibernate:
       ddl-auto: update
-    show-sql: true
+    show-sql: false
   mvc:
     hiddenmethod:
       filter:
@@ -26,13 +26,25 @@ spring:
       host: localhost
       port: 6379
       password: ${REDIS_PASSWORD:}
-
+server:
+  tomcat:
+    basedir: .
+    accesslog:
+      enabled: true
+      directory: logs
+      prefix: access
+      suffix: .log
+      file-date-format: .yyyy-MM-dd
+      max-days: 14
+      pattern: '%h %t "%r" %s %b %D %{X-Request-Id}o "%{User-Agent}i"'
 logging:
   level:
-    org.hibernate.orm.jdbc.bind: TRACE
-    org.hibernate.orm.jdbc.extract: TRACE
-    org.springframework.transaction.interceptor: TRACE
+    root: INFO
     com.back: DEBUG
+    org.hibernate.orm.jdbc.bind: OFF
+    org.hibernate.orm.jdbc.extract: OFF
+    org.springframework.transaction.interceptor: INFO
+
 
 springdoc:
   swagger-ui:

backend/src/main/resources/logback-spring.xml

@@ -0,0 +1,76 @@
+<configuration>
+
+    <!-- =========================
+         공통 설정
+         ========================= -->
+    <springProperty scope="context"
+                    name="APP_NAME"
+                    source="spring.application.name"
+                    defaultValue="waitfair"/>
+
+    <!-- =========================
+         LOCAL / DEV
+         - Spring Boot 기본 콘솔 로그 그대로
+         - 파일로만 rolling
+         ========================= -->
+    <springProfile name="local,dev">
+
+        <!-- Spring Boot 기본 console appender 그대로 사용 -->
+        <include resource="org/springframework/boot/logging/logback/defaults.xml"/>
+        <include resource="org/springframework/boot/logging/logback/console-appender.xml"/>
+
+        <!-- 로컬 디버깅용 파일 로그 -->
+        <appender name="FILE"
+                  class="ch.qos.logback.core.rolling.RollingFileAppender">
+            <file>logs/dev.log</file>
+            <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+                <fileNamePattern>logs/dev.%d{yyyy-MM-dd}.log</fileNamePattern>
+                <maxHistory>7</maxHistory>
+            </rollingPolicy>
+            <encoder>
+                <pattern>
+                    %d{yyyy-MM-dd HH:mm:ss.SSS} %-5level [%thread] %logger{36} - %msg%n
+                </pattern>
+            </encoder>
+        </appender>
+
+        <root level="INFO">
+            <appender-ref ref="CONSOLE"/>
+            <appender-ref ref="FILE"/>
+        </root>
+    </springProfile>
+
+    <!-- =========================
+         PERF / PROD
+         - JSON stdout only
+         ========================= -->
+    <springProfile name="perf,prod">
+
+        <appender name="JSON_CONSOLE"
+                  class="ch.qos.logback.core.ConsoleAppender">
+            <encoder class="net.logstash.logback.encoder.LogstashEncoder">
+                <!-- 고정 필드 -->
+                <customFields>
+                    {"app":"${APP_NAME}"}
+                </customFields>
+
+                <!-- MDC에서 가져올 필드 -->
+                <includeMdcKeyName>requestId</includeMdcKeyName>
+                <includeMdcKeyName>userId</includeMdcKeyName>
+                <includeMdcKeyName>eventId</includeMdcKeyName>
+                <includeMdcKeyName>seatId</includeMdcKeyName>
+                <includeMdcKeyName>orderId</includeMdcKeyName>
+            </encoder>
+        </appender>
+
+        <!-- 불필요한 로그 줄이기 -->
+        <logger name="org.hibernate.SQL" level="WARN"/>
+        <logger name="org.hibernate.orm.jdbc.bind" level="WARN"/>
+        <logger name="org.springframework.web" level="INFO"/>
+
+        <root level="INFO">
+            <appender-ref ref="JSON_CONSOLE"/>
+        </root>
+    </springProfile>
+
+</configuration>