Class: LogStruct::Log::Security

Inherits:

T::Struct

• Object
• T::Struct
• LogStruct::Log::Security

Extended by:

T::Sig

Includes:

AddRequestFields, Interfaces::AdditionalDataField, Interfaces::CommonFields, Interfaces::MessageField, Interfaces::RequestFields, MergeAdditionalDataFields, SerializeCommon

Defined in:

lib/log_struct/log/security.rb

Overview

Security log entry for structured logging of security-related events

Constant Summary

SecurityEvent =

T.type_alias {
  T.any(
    Event::IPSpoof,
    Event::CSRFViolation,
    Event::BlockedHost
  )
}

Instance Attribute Summary

• #additional_data ⇒ Hash{Symbol => T.untyped} readonly

  Additional data (merged into hash).

• #blocked_host ⇒ String^? readonly

  Returns the value of prop blocked_host.

• #blocked_hosts ⇒ Array<String>^? readonly

  Returns the value of prop blocked_hosts.

• #client_ip ⇒ String^? readonly

  Returns the value of prop client_ip.

• #event ⇒ SecurityEvent readonly

  Returns the value of prop event.

• #http_method ⇒ String^? readonly

  Returns the value of prop http_method.

• #level ⇒ Level readonly

  Returns the value of prop level.

• #message ⇒ String^? readonly

  Security-specific fields.

• #path ⇒ String^? readonly

  Common request fields.

• #referer ⇒ String^? readonly

  Returns the value of prop referer.

• #request_id ⇒ String^? readonly

  Returns the value of prop request_id.

• #source ⇒ Source::Security readonly

  Common fields.

• #source_ip ⇒ String^? readonly

  Returns the value of prop source_ip.

• #timestamp ⇒ Time readonly

  Returns the value of prop timestamp.

• #user_agent ⇒ String^? readonly

  Returns the value of prop user_agent.

• #x_forwarded_for ⇒ String^? readonly

  Returns the value of prop x_forwarded_for.

Instance Method Summary

• #initialize(source: T.let(Source::Security, Source::Security), event:, timestamp:, level: T.let(Level::Error, Level), message: nil, blocked_host: nil, blocked_hosts: nil, client_ip: nil, x_forwarded_for: nil, additional_data: {}, path: nil, http_method: nil, source_ip: nil, user_agent: nil, referer: nil, request_id: nil) ⇒ void constructor
• #serialize(strict = true) ⇒ Hash{Symbol => T.untyped}

  Convert the log entry to a hash for serialization.

Methods included from MergeAdditionalDataFields

#merge_additional_data_fields

Methods included from SerializeCommon

#as_json, #serialize_common

Methods included from AddRequestFields

#add_request_fields

Constructor Details

#initialize(source: T.let(Source::Security, Source::Security), event:, timestamp:, level: T.let(Level::Error, Level), message: nil, blocked_host: nil, blocked_hosts: nil, client_ip: nil, x_forwarded_for: nil, additional_data: {}, path: nil, http_method: nil, source_ip: nil, user_agent: nil, referer: nil, request_id: nil) ⇒ void

Parameters:

• source (Source::Security) (defaults to: T.let(Source::Security, Source::Security)) —

  Common fields

• event (SecurityEvent)
• timestamp (Time)
• level (Level) (defaults to: T.let(Level::Error, Level))
• message (String, nil) (defaults to: nil) —

  Security-specific fields

• blocked_host (String, nil) (defaults to: nil)
• blocked_hosts (Array<String>, nil) (defaults to: nil)
• client_ip (String, nil) (defaults to: nil)
• x_forwarded_for (String, nil) (defaults to: nil)
• additional_data (Hash{Symbol => T.untyped}) (defaults to: {}) —

  Additional data (merged into hash)

• path (String, nil) (defaults to: nil) —

  Common request fields

• http_method (String, nil) (defaults to: nil)
• source_ip (String, nil) (defaults to: nil)
• user_agent (String, nil) (defaults to: nil)
• referer (String, nil) (defaults to: nil)
• request_id (String, nil) (defaults to: nil)

# File ''

const :source, Source::Security, default: T.let(Source::Security, Source::Security)
const :event, SecurityEvent
const :timestamp, Time, factory: -> { Time.now }
const :level, Level, default: T.let(Level::Error, Level)
const :message, T.nilable(String), default: nil
const :blocked_host, T.nilable(String), default: nil
const :blocked_hosts, T.nilable(T::Array[String]), default: nil
const :client_ip, T.nilable(String), default: nil
const :x_forwarded_for, T.nilable(String), default: nil
const :additional_data, T::Hash[Symbol, T.untyped], default: {}
const :path, T.nilable(String), default: nil
const :http_method, T.nilable(String), default: nil, name: "method"
const :source_ip, T.nilable(String), default: nil
const :user_agent, T.nilable(String), default: nil
const :referer, T.nilable(String), default: nil
const :request_id, T.nilable(String), default: nil

Instance Attribute Details

#additional_data ⇒ Hash{Symbol => T.untyped} (readonly)

Additional data (merged into hash)

Returns:

• (Hash{Symbol => T.untyped})

# File ''

const :additional_data, T::Hash[Symbol, T.untyped], default: {}

#blocked_host ⇒ String^? (readonly)

Returns the value of prop blocked_host.

Returns:

• (String, nil)

# File ''

const :blocked_host, T.nilable(String), default: nil

#blocked_hosts ⇒ Array<String>^? (readonly)

Returns the value of prop blocked_hosts.

Returns:

• (Array<String>, nil)

# File ''

const :blocked_hosts, T.nilable(T::Array[String]), default: nil

#client_ip ⇒ String^? (readonly)

Returns the value of prop client_ip.

Returns:

• (String, nil)

# File ''

const :client_ip, T.nilable(String), default: nil

#event ⇒ SecurityEvent (readonly)

Returns the value of prop event.

Returns:

• (SecurityEvent)

# File ''

const :event, SecurityEvent

#http_method ⇒ String^? (readonly)

Returns the value of prop http_method.

Returns:

• (String, nil)

# File ''

const :http_method, T.nilable(String), default: nil, name: "method"

#level ⇒ Level (readonly)

Returns the value of prop level.

Returns:

• (Level)

# File ''

const :level, Level, default: T.let(Level::Error, Level)

#message ⇒ String^? (readonly)

Security-specific fields

Returns:

• (String, nil)

# File ''

const :message, T.nilable(String), default: nil

#path ⇒ String^? (readonly)

Common request fields

Returns:

• (String, nil)

# File ''

const :path, T.nilable(String), default: nil

#referer ⇒ String^? (readonly)

Returns the value of prop referer.

Returns:

• (String, nil)

# File ''

const :referer, T.nilable(String), default: nil

#request_id ⇒ String^? (readonly)

Returns the value of prop request_id.

Returns:

• (String, nil)

# File ''

const :request_id, T.nilable(String), default: nil

#source ⇒ Source::Security (readonly)

Common fields

Returns:

• (Source::Security)

# File ''

const :source, Source::Security, default: T.let(Source::Security, Source::Security)

#source_ip ⇒ String^? (readonly)

Returns the value of prop source_ip.

Returns:

• (String, nil)

# File ''

const :source_ip, T.nilable(String), default: nil

#timestamp ⇒ Time (readonly)

Returns the value of prop timestamp.

Returns:

• (Time)

# File ''

const :timestamp, Time, factory: -> { Time.now }

#user_agent ⇒ String^? (readonly)

Returns the value of prop user_agent.

Returns:

• (String, nil)

# File ''

const :user_agent, T.nilable(String), default: nil

#x_forwarded_for ⇒ String^? (readonly)

Returns the value of prop x_forwarded_for.

Returns:

• (String, nil)

# File ''

const :x_forwarded_for, T.nilable(String), default: nil

Instance Method Details

#serialize(strict = true) ⇒ Hash{Symbol => T.untyped}

Convert the log entry to a hash for serialization

Parameters:

• strict (Boolean) (defaults to: true)

Returns:

• (Hash{Symbol => T.untyped})

# File 'lib/log_struct/log/security.rb', line 64

def serialize(strict = true)
  hash = serialize_common(strict)
  add_request_fields(hash)
  merge_additional_data_fields(hash)

  # Add security-specific fields
  hash[LOG_KEYS.fetch(:message)] = message if message
  hash[LOG_KEYS.fetch(:blocked_host)] = blocked_host if blocked_host
  hash[LOG_KEYS.fetch(:blocked_hosts)] = blocked_hosts if blocked_hosts
  hash[LOG_KEYS.fetch(:client_ip)] = client_ip if client_ip
  hash[LOG_KEYS.fetch(:x_forwarded_for)] = x_forwarded_for if x_forwarded_for

  hash
end