module LogrageUtil

Utility functions used with Lograge generated by rockstart:security:lograge

Public Class Methods

format_rack_attack_blocklist(name, start, finish, request_id, payload) click to toggle source

format a blocklist.rack_attack message from rack:attack

# File lib/generators/rockstart/monitoring/lograge/templates/lograge_util.rb, line 12
def format_rack_attack_blocklist(name, start, finish, request_id, payload)
  format_rack_attack_event(name, start, finish, request_id, payload, status: 403)
end
format_rack_attack_event(name, start, finish, request_id, payload, status:) click to toggle source

rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/ParameterLists

# File lib/generators/rockstart/monitoring/lograge/templates/lograge_util.rb, line 17
def format_rack_attack_event(name, start, finish, request_id, payload, status:)
  req = payload[:request]
  matched_rule = req.env["rack.attack.matched"]

  filter_parameters = Rails.application.config.filter_parameters
  params = ActiveSupport::ParameterFilter.new(filter_parameters).filter(req.params)
  remote_ip = IpAnonymizer.mask_ip(req.ip) if req.ip.present?

  message_payload = {
    method: req.request_method,
    path: req.path,
    format: params[:format] || "html",
    controller: Rack::Attack.name,
    action: "#{name}[#{matched_rule}]",
    status: status,
    duration: (finish - start).to_f.round(2),
    params: params.except("controller", "action", "format", "id"),
    host: req.host,
    remote_ip: remote_ip,
    request_id: request_id
  }
  Lograge.lograge_config.formatter.call(message_payload)
end
format_rack_attack_throttle(name, start, finish, request_id, payload) click to toggle source

format a throttle.rack_attack message from rack:attack

# File lib/generators/rockstart/monitoring/lograge/templates/lograge_util.rb, line 7
def format_rack_attack_throttle(name, start, finish, request_id, payload)
  format_rack_attack_event(name, start, finish, request_id, payload, status: 429)
end