rv-logstasher 1.3.2 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 10724cd9756c33b80e7fda244c674ce229b6edd2
-  data.tar.gz: c768f4a33afcc437d6028174d3302309196205d4
+  metadata.gz: ea6daba64559c9c69a821753732edf9e8b77edaa
+  data.tar.gz: 554087f41c7d7020a63f4b33d1c03a1cdc4c88b7
 SHA512:
-  metadata.gz: c90df87fc2e047ec1e26d192b89b6095ed608c8b5a44565298878bdd4e422e6aac4d981436de12d791c21adae5ab58077f6720e23cbbc9812df467c544da9b68
-  data.tar.gz: f4d9c874c1d070350b1006d1334beb42a3712ced5bb385da95bc3ce978e0ea8df673f709921f9dfcd7404e6f12f2a8218a4afdc55991512d73300a100c2fac82
+  metadata.gz: 8fdc8e9a709c4e1986e94d3c64d1ab6e8d46648635e845d18ca8f732daca8adb419fe45818867f457dd7d584cbe1c4ace989f44a2ed0b0756a27cc49a2c48466
+  data.tar.gz: 6efb4264890e4d316fb5ca027436aec251f3007ead6d037b02b6423014b899217ce6bb99735c084ab97e2b32d53de6f91eb6d6d23cd38f3a8887099d7f2c64cd

data/README.md

@@ -76,16 +76,32 @@ it is left upto you to add them. Here's how to do it:
       end
     end
 
+### Filtering out controller params
+
+You may not want to log certain parameters which have sensitive information in
+them, e.g. `password`. This can be set using the `filter_parameters` option:
+
+    # Filter out some field you don't want to show
+    config.logstasher.filter_parameters << 'foo'
+
+Note that by default this is set to `['password', 'password_confirmation']`, so
+be careful when explicitly setting, as you may lose this filtering:
+
+    # NOTE: password and password_confirmation will no longer be filtered
+    config.logstasher.filter_parameters = ['foo']
+
+Any filtered parameter will still show in the `params` field, but it's value
+will be `[FILTERED]`.
+
 ## Installation for Grape Application
 
-### In your Gemfile: 
+### In your Gemfile:
 
     gem "rv-logstasher"
     gem "grape_logging"
-    
-    
+
 ### Init logger:
-    
+
     module TestApp
       def self.logger
         @logger ||= LogStasher.logger_for_app('app_name', Rack::Directory.new("").root, STDOUT)
@@ -93,14 +109,14 @@ it is left upto you to add them. Here's how to do it:
     end
 
 ### Setup Grape request/exception logging
-     
+
     module TestApp
       class API < Grape::API
         logger TestApp.logger
         use GrapeLogging::Middleware::RequestLogger, logger: TestApp.logger
-        
+
         rescue_from TestApp::NotFound do |err|
-          # Tag your exception 
+          # Tag your exception
           API.logger.info(exception: err, tags: "rescued_exception", status: 404)
           error_response(message: "Not found", status: 404)
         end
@@ -112,8 +128,6 @@ it is left upto you to add them. Here's how to do it:
       end
     end
 
-
-
 ## Copyright
 
 Copyright (c) 2016 Reevoo Ltd, released under the MIT license

data/lib/logstasher/log_subscriber.rb

@@ -93,6 +93,9 @@ module LogStasher
     def extract_parameters(payload)
       if LogStasher.include_parameters?
         external_params = payload[:params].except(*INTERNAL_PARAMS)
+        LogStasher.filter_parameters.each do |param|
+          external_params[param] = '[FILTERED]' unless external_params[param].nil?
+        end
 
         if LogStasher.serialize_parameters?
           { :params => JSON.generate(external_params) }

data/lib/logstasher/version.rb

@@ -1,3 +1,3 @@
 module LogStasher
-  VERSION = '1.3.2'
+  VERSION = '1.4.0'
 end

data/lib/logstasher.rb

@@ -69,6 +69,14 @@ module LogStasher
 
       @silence_standard_logging
     end
+
+    def filter_parameters
+      @filter_parameters ||= ['password', 'password_confirmation']
+    end
+
+    def filter_parameters=(params)
+      @filter_parameters = params
+    end
   end
 end
 

data/spec/lib/logstasher/log_subscriber_spec.rb

@@ -35,11 +35,12 @@ describe LogStasher::LogSubscriber do
   describe '#process_action' do
     let(:timestamp) { ::Time.new.utc.iso8601(3) }
     let(:duration) { 12.4 }
+    let(:params) { {'foo' => 'bar'} }
     let(:json_params) { JSON.dump(payload[:params]) }
     let(:payload) {{
       :controller => 'users',
       :action     => 'show',
-      :params     => { 'foo' => 'bar' },
+      :params     => params,
       :format     => 'text/plain',
       :method     => 'method',
       :path       => '/users/1',
@@ -105,6 +106,32 @@ describe LogStasher::LogSubscriber do
       subject.process_action(event)
     end
 
+    it 'can be configured to filter out certain parameters' do
+      allow(::LogStasher).to receive(:filter_parameters).and_return(['foo'])
+
+      expect(logger).to receive(:<<) do |json|
+        expect(JSON.parse(json)['params']).to eq('{"foo":"[FILTERED]"}')
+      end
+
+      subject.process_action(event)
+    end
+
+    context 'with passwords in parameters' do
+      let(:params) do
+        {'password' => '1337passWORD', 'password_confirmation' => '1337passWORD'}
+      end
+
+      it 'filters them out by default' do
+        expect(logger).to receive(:<<) do |json|
+          expect(JSON.parse(json)['params']).to eq(
+            '{"password":"[FILTERED]","password_confirmation":"[FILTERED]"}'
+          )
+        end
+
+        subject.process_action(event)
+      end
+    end
+
     it 'includes redirect location in the log' do
       redirect_event = double(:payload => {:location => 'new/location'})
       subject.redirect_to(redirect_event)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rv-logstasher
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 1.4.0
 platform: ruby
 authors:
 - David Sevcik
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-03-16 00:00:00.000000000 Z
+date: 2016-09-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstash-event
@@ -144,3 +144,4 @@ test_files:
 - spec/lib/logstasher/railtie_spec.rb
 - spec/lib/logstasher_spec.rb
 - spec/spec_helper.rb
+has_rdoc: