rv-logstasher 1.3.2 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 10724cd9756c33b80e7fda244c674ce229b6edd2
4
- data.tar.gz: c768f4a33afcc437d6028174d3302309196205d4
3
+ metadata.gz: ea6daba64559c9c69a821753732edf9e8b77edaa
4
+ data.tar.gz: 554087f41c7d7020a63f4b33d1c03a1cdc4c88b7
5
5
  SHA512:
6
- metadata.gz: c90df87fc2e047ec1e26d192b89b6095ed608c8b5a44565298878bdd4e422e6aac4d981436de12d791c21adae5ab58077f6720e23cbbc9812df467c544da9b68
7
- data.tar.gz: f4d9c874c1d070350b1006d1334beb42a3712ced5bb385da95bc3ce978e0ea8df673f709921f9dfcd7404e6f12f2a8218a4afdc55991512d73300a100c2fac82
6
+ metadata.gz: 8fdc8e9a709c4e1986e94d3c64d1ab6e8d46648635e845d18ca8f732daca8adb419fe45818867f457dd7d584cbe1c4ace989f44a2ed0b0756a27cc49a2c48466
7
+ data.tar.gz: 6efb4264890e4d316fb5ca027436aec251f3007ead6d037b02b6423014b899217ce6bb99735c084ab97e2b32d53de6f91eb6d6d23cd38f3a8887099d7f2c64cd
data/README.md CHANGED
@@ -76,16 +76,32 @@ it is left upto you to add them. Here's how to do it:
76
76
  end
77
77
  end
78
78
 
79
+ ### Filtering out controller params
80
+
81
+ You may not want to log certain parameters which have sensitive information in
82
+ them, e.g. `password`. This can be set using the `filter_parameters` option:
83
+
84
+ # Filter out some field you don't want to show
85
+ config.logstasher.filter_parameters << 'foo'
86
+
87
+ Note that by default this is set to `['password', 'password_confirmation']`, so
88
+ be careful when explicitly setting, as you may lose this filtering:
89
+
90
+ # NOTE: password and password_confirmation will no longer be filtered
91
+ config.logstasher.filter_parameters = ['foo']
92
+
93
+ Any filtered parameter will still show in the `params` field, but it's value
94
+ will be `[FILTERED]`.
95
+
79
96
  ## Installation for Grape Application
80
97
 
81
- ### In your Gemfile:
98
+ ### In your Gemfile:
82
99
 
83
100
  gem "rv-logstasher"
84
101
  gem "grape_logging"
85
-
86
-
102
+
87
103
  ### Init logger:
88
-
104
+
89
105
  module TestApp
90
106
  def self.logger
91
107
  @logger ||= LogStasher.logger_for_app('app_name', Rack::Directory.new("").root, STDOUT)
@@ -93,14 +109,14 @@ it is left upto you to add them. Here's how to do it:
93
109
  end
94
110
 
95
111
  ### Setup Grape request/exception logging
96
-
112
+
97
113
  module TestApp
98
114
  class API < Grape::API
99
115
  logger TestApp.logger
100
116
  use GrapeLogging::Middleware::RequestLogger, logger: TestApp.logger
101
-
117
+
102
118
  rescue_from TestApp::NotFound do |err|
103
- # Tag your exception
119
+ # Tag your exception
104
120
  API.logger.info(exception: err, tags: "rescued_exception", status: 404)
105
121
  error_response(message: "Not found", status: 404)
106
122
  end
@@ -112,8 +128,6 @@ it is left upto you to add them. Here's how to do it:
112
128
  end
113
129
  end
114
130
 
115
-
116
-
117
131
  ## Copyright
118
132
 
119
133
  Copyright (c) 2016 Reevoo Ltd, released under the MIT license
@@ -93,6 +93,9 @@ module LogStasher
93
93
  def extract_parameters(payload)
94
94
  if LogStasher.include_parameters?
95
95
  external_params = payload[:params].except(*INTERNAL_PARAMS)
96
+ LogStasher.filter_parameters.each do |param|
97
+ external_params[param] = '[FILTERED]' unless external_params[param].nil?
98
+ end
96
99
 
97
100
  if LogStasher.serialize_parameters?
98
101
  { :params => JSON.generate(external_params) }
@@ -1,3 +1,3 @@
1
1
  module LogStasher
2
- VERSION = '1.3.2'
2
+ VERSION = '1.4.0'
3
3
  end
data/lib/logstasher.rb CHANGED
@@ -69,6 +69,14 @@ module LogStasher
69
69
 
70
70
  @silence_standard_logging
71
71
  end
72
+
73
+ def filter_parameters
74
+ @filter_parameters ||= ['password', 'password_confirmation']
75
+ end
76
+
77
+ def filter_parameters=(params)
78
+ @filter_parameters = params
79
+ end
72
80
  end
73
81
  end
74
82
 
@@ -35,11 +35,12 @@ describe LogStasher::LogSubscriber do
35
35
  describe '#process_action' do
36
36
  let(:timestamp) { ::Time.new.utc.iso8601(3) }
37
37
  let(:duration) { 12.4 }
38
+ let(:params) { {'foo' => 'bar'} }
38
39
  let(:json_params) { JSON.dump(payload[:params]) }
39
40
  let(:payload) {{
40
41
  :controller => 'users',
41
42
  :action => 'show',
42
- :params => { 'foo' => 'bar' },
43
+ :params => params,
43
44
  :format => 'text/plain',
44
45
  :method => 'method',
45
46
  :path => '/users/1',
@@ -105,6 +106,32 @@ describe LogStasher::LogSubscriber do
105
106
  subject.process_action(event)
106
107
  end
107
108
 
109
+ it 'can be configured to filter out certain parameters' do
110
+ allow(::LogStasher).to receive(:filter_parameters).and_return(['foo'])
111
+
112
+ expect(logger).to receive(:<<) do |json|
113
+ expect(JSON.parse(json)['params']).to eq('{"foo":"[FILTERED]"}')
114
+ end
115
+
116
+ subject.process_action(event)
117
+ end
118
+
119
+ context 'with passwords in parameters' do
120
+ let(:params) do
121
+ {'password' => '1337passWORD', 'password_confirmation' => '1337passWORD'}
122
+ end
123
+
124
+ it 'filters them out by default' do
125
+ expect(logger).to receive(:<<) do |json|
126
+ expect(JSON.parse(json)['params']).to eq(
127
+ '{"password":"[FILTERED]","password_confirmation":"[FILTERED]"}'
128
+ )
129
+ end
130
+
131
+ subject.process_action(event)
132
+ end
133
+ end
134
+
108
135
  it 'includes redirect location in the log' do
109
136
  redirect_event = double(:payload => {:location => 'new/location'})
110
137
  subject.redirect_to(redirect_event)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rv-logstasher
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.2
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Sevcik
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2016-03-16 00:00:00.000000000 Z
12
+ date: 2016-09-16 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: logstash-event
@@ -144,3 +144,4 @@ test_files:
144
144
  - spec/lib/logstasher/railtie_spec.rb
145
145
  - spec/lib/logstasher_spec.rb
146
146
  - spec/spec_helper.rb
147
+ has_rdoc: