-
Notifications
You must be signed in to change notification settings - Fork 12.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API: Include IP address when logging request error #21596
API: Include IP address when logging request error #21596
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@thedeveloperr thanks. Sorry it taken me long time to come back to this one. After consideration I've notice that our router logging middleware (when enabled) includes remote_addr, <ip>
why I suggest to revert your change to middleware.go and in addition log IP address on error in common.go:
diff --git a/pkg/api/common.go b/pkg/api/common.go
index 0f81e30..7f87925 100644
--- a/pkg/api/common.go
+++ b/pkg/api/common.go
@@ -47,7 +47,7 @@ func Wrap(action interface{}) macaron.Handler {
func (r *NormalResponse) WriteTo(ctx *m.ReqContext) {
if r.err != nil {
- ctx.Logger.Error(r.errMessage, "error", r.err)
+ ctx.Logger.Error(r.errMessage, "error", r.err, "remote_addr", ctx.RemoteAddr())
}
header := ctx.Resp.Header()
So remove changes from middleware.go but add here in common.go ? |
Yes, please :) Eager to merge once its been fixed. |
This will provide additional security information on failed login and also help integrate services like Fail2Ban to detect brute force attacks.
4ab7b6d
to
5043eab
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thank you for contributing to Grafana! |
What this PR does / why we need it:
This will provide additional security information on failed login
and also help integrate services like Fail2Ban to detect brute
force attacks.
Which issue(s) this PR fixes:
Fixes #21310
Special notes for your reviewer:
In my local dev setup, e2e tests were failing due to some phantomjs installation issue, I create this PR to run tests on circle ci to ensure my changes are not failing any tests. Also this log line didn't fail any backend test so didn't write my own test. Do you need me to write test for this change ?