module Bosh::Director::Api::Extensions::SyslogRequestLogger
Constants
- DESIRED_HEADERS
Public Instance Methods
log_request_to_syslog()
click to toggle source
# File lib/bosh/director/api/extensions/syslog_request_logger.rb, line 24 def log_request_to_syslog after do if @config.log_access_events_to_syslog && RUBY_VERSION.to_i > 1 header_string = '' filtered_headers = request.env.select { |key, _| DESIRED_HEADERS.include?(key) } .collect { |key, value| [key.sub(/^HTTP_/, ''), value] } filtered_headers.each do |header_set| header_string += header_set[0] + "\=" + header_set[1] + "&" end header_string = header_string[0..-2] if !header_string.empty? filtered_ip_list = Socket.ip_address_list .reject { |addr| !addr.ip? || addr.ipv4_loopback? || addr.ipv6_loopback? } .map { |addr| addr.ip_address } cef_version = 0 device_vendor = 'CloudFoundry' device_product = 'BOSH' device_version = Bosh::Director::VERSION signature_id = 'director_api' name = "#{request.path}" severity = response.status >= 400 ? 7 : 1 extension = '' if @user extension += "duser=#{@user.username} " if @user.username extension += "requestClientApplication=#{@user.client} " if @user.client end extension += "requestMethod=#{request.request_method} src=#{request.ip} spt=#{@config.port}" + " shost=#{Socket.gethostname}" + " cs1=#{filtered_ip_list.join(',')} cs1Label=ips" + " cs2=#{header_string} cs2Label=httpHeaders" + " cs3=#{current_user.nil? ? 'none' : identity_provider.client_info['type']} cs3Label=authType" + " cs4=#{response.status} cs4Label=responseStatus" if response.status >= 400 extension += " cs5=#{response.body.join('')[0...500].strip} cs5Label=statusReason" end cef_log = 'CEF:%i|%s|%s|%s|%s|%s|%s|%s' % [cef_version, device_vendor, device_product, device_version, signature_id, name, severity, extension] cef_log_encoded = cef_log.force_encoding(Encoding::UTF_8) Syslog::Logger.new('vcap.bosh.director').info(cef_log_encoded) end end end