From 1a298d0fabba3bf300672e6e481a918b560e2928 Mon Sep 17 00:00:00 2001 From: Antoine Toulme Date: Fri, 1 Apr 2022 09:52:49 -0700 Subject: [PATCH] code review --- .../processor/filterlog/filterlog.go | 2 +- .../processor/filterlog/filterlog_test.go | 8 ++++++++ processor/attributesprocessor/README.md | 6 +++--- .../attributesprocessor/testdata/config.yaml | 18 ++++++++++++++++++ 4 files changed, 30 insertions(+), 4 deletions(-) diff --git a/internal/coreinternal/processor/filterlog/filterlog.go b/internal/coreinternal/processor/filterlog/filterlog.go index 4ee2343c0989..c22fee6188bb 100644 --- a/internal/coreinternal/processor/filterlog/filterlog.go +++ b/internal/coreinternal/processor/filterlog/filterlog.go @@ -89,7 +89,7 @@ func NewMatcher(mp *filterconfig.MatchProperties) (Matcher, error) { // supported to have more than one of these specified, and all specified must // evaluate to true for a match to occur. func (mp *propertiesMatcher) MatchLogRecord(lr pdata.LogRecord, resource pdata.Resource, library pdata.InstrumentationScope) bool { - if lr.Body().Type() == pdata.ValueTypeString && mp.bodyFilters.Matches(lr.Body().StringVal()) { + if lr.Body().Type() == pdata.ValueTypeString && mp.bodyFilters != nil && mp.bodyFilters.Matches(lr.Body().StringVal()) { return true } diff --git a/internal/coreinternal/processor/filterlog/filterlog_test.go b/internal/coreinternal/processor/filterlog/filterlog_test.go index 9fc6c862e7a5..8aa0440048ce 100644 --- a/internal/coreinternal/processor/filterlog/filterlog_test.go +++ b/internal/coreinternal/processor/filterlog/filterlog_test.go @@ -150,10 +150,18 @@ func TestLogRecord_Matching_True(t *testing.T) { }, }, }, + { + name: "log_body_regexp_match", + properties: &filterconfig.MatchProperties{ + Config: *createConfig(filterset.Regexp), + LogBodies: []string{"AUTH.*"}, + }, + }, } lr := pdata.NewLogRecord() lr.Attributes().InsertString("abc", "def") + lr.Body().SetStringVal("AUTHENTICATION FAILED") for _, tc := range testcases { t.Run(tc.name, func(t *testing.T) { diff --git a/processor/attributesprocessor/README.md b/processor/attributesprocessor/README.md index 1cdc5a89ecdf..6a2270fc0f6a 100644 --- a/processor/attributesprocessor/README.md +++ b/processor/attributesprocessor/README.md @@ -166,13 +166,13 @@ if the input data should be included or excluded from the processor. To configur this option, under `include` and/or `exclude` at least `match_type` and one of the following is required: - For spans, one of `services`, `span_names`, `attributes`, `resources`, or `libraries` must be specified -with a non-empty value for a valid configuration. The `log_names`, `expressions`, `resource_attributes` and +with a non-empty value for a valid configuration. The `log_names`, `log_bodies`, `expressions`, `resource_attributes` and `metric_names` fields are invalid. -- For logs, one of `log_names`, `attributes`, `resources`, or `libraries` must be specified with a +- For logs, one of `log_names`, `log_bodies`, `attributes`, `resources`, or `libraries` must be specified with a non-empty value for a valid configuration. The `span_names`, `metric_names`, `expressions`, `resource_attributes`, and `services` fields are invalid. - For metrics, one of `metric_names`, `resources` must be specified -with a valid non-empty value for a valid configuration. The `span_names`, `log_names`, and +with a valid non-empty value for a valid configuration. The `span_names`, `log_names`, `log_bodies` and `services` fields are invalid. diff --git a/processor/attributesprocessor/testdata/config.yaml b/processor/attributesprocessor/testdata/config.yaml index e8a7428c34d7..2c68eb918de6 100644 --- a/processor/attributesprocessor/testdata/config.yaml +++ b/processor/attributesprocessor/testdata/config.yaml @@ -307,6 +307,24 @@ processors: action: update value: "SELECT * FROM USERS [obfuscated]" + + # The following demonstrates how to process logs that have a body that match regexp + # patterns. This processor will remove "token" attribute and will obfuscate "password" + # attribute in spans where body matches "AUTH.*". + attributes/log_body_regexp: + # Specifies the span properties that must exist for the processor to be applied. + include: + # match_type defines that "services" is an array of regexp-es. + match_type: regexp + # The span service name must match "auth.*" pattern. + log_bodies: ["AUTH.*"] + actions: + - key: password + action: update + value: "obfuscated" + - key: token + action: delete + receivers: nop: