From 6daf8c0b2b1909c0c08f868afcc47657fadbe5c4 Mon Sep 17 00:00:00 2001 From: Surya Sashank Nistala Date: Thu, 17 Aug 2023 15:44:41 -0700 Subject: [PATCH 1/3] obfuscate ip addresses in alert error message Signed-off-by: Surya Sashank Nistala --- .../commons/alerting/alerts/AlertError.kt | 11 +++++++- .../alerting/alerts/AlertErrorTests.kt | 25 +++++++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt diff --git a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt index b53ff4a4..c4789c45 100644 --- a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt +++ b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt @@ -12,7 +12,10 @@ import org.opensearch.core.xcontent.XContentParserUtils.ensureExpectedToken import java.io.IOException import java.time.Instant -data class AlertError(val timestamp: Instant, val message: String) : Writeable, ToXContent { +data class AlertError(val timestamp: Instant, var message: String) : Writeable, ToXContent { + init { + this.message = obfuscateIPAddresses(message) + } @Throws(IOException::class) constructor(sin: StreamInput) : this( @@ -55,6 +58,12 @@ data class AlertError(val timestamp: Instant, val message: String) : Writeable, fun readFrom(sin: StreamInput): AlertError { return AlertError(sin) } + + fun obfuscateIPAddresses(exceptionMessage: String): String { + val ipAddressPattern = "\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}" + val obfuscatedMessage = exceptionMessage.replace(ipAddressPattern.toRegex(), "X.X.X.X") + return obfuscatedMessage + } } override fun toXContent(builder: XContentBuilder, params: ToXContent.Params): XContentBuilder { diff --git a/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt new file mode 100644 index 00000000..69645479 --- /dev/null +++ b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt @@ -0,0 +1,25 @@ +package org.opensearch.commons.alerting.alerts + +import org.junit.Assert +import org.junit.jupiter.api.Test +import java.time.Instant + +class AlertErrorTests { + + @Test + fun `test alertError obfuscates IP addresses in message`() { + val message = + "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][10.212.77.91:9300][indices:admin/create]]; " + + "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][10.212.77.91:9300]" + + "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895" + + "dae7a24][10.212.77.91:9300][indices:admin/create]" + val alertError = AlertError(Instant.now(), message = message) + Assert.assertEquals( + alertError.message, + "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][X.X.X.X:9300][indices:admin/create]]; " + + "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][X.X.X.X:9300]" + + "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: " + + "[5f32db4e2a4fa94f6778cb895dae7a24][X.X.X.X:9300][indices:admin/create]" + ) + } +} From db67d654bec907b68214e3388ee9d629f8e3e83b Mon Sep 17 00:00:00 2001 From: Surya Sashank Nistala Date: Thu, 17 Aug 2023 17:00:15 -0700 Subject: [PATCH 2/3] make ip obfuscation lower case Signed-off-by: Surya Sashank Nistala --- .../kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt index c4789c45..5c8aa4d3 100644 --- a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt +++ b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt @@ -61,7 +61,7 @@ data class AlertError(val timestamp: Instant, var message: String) : Writeable, fun obfuscateIPAddresses(exceptionMessage: String): String { val ipAddressPattern = "\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}" - val obfuscatedMessage = exceptionMessage.replace(ipAddressPattern.toRegex(), "X.X.X.X") + val obfuscatedMessage = exceptionMessage.replace(ipAddressPattern.toRegex(), "x.x.x.x") return obfuscatedMessage } } From eab148d8aae49e0415a7747d4a790572c2190a58 Mon Sep 17 00:00:00 2001 From: Surya Sashank Nistala Date: Fri, 8 Sep 2023 12:21:42 -0700 Subject: [PATCH 3/3] update test with lowercase ip obfuscation Signed-off-by: Surya Sashank Nistala --- .../opensearch/commons/alerting/alerts/AlertErrorTests.kt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt index 69645479..c5c6d439 100644 --- a/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt +++ b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt @@ -16,10 +16,10 @@ class AlertErrorTests { val alertError = AlertError(Instant.now(), message = message) Assert.assertEquals( alertError.message, - "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][X.X.X.X:9300][indices:admin/create]]; " + - "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][X.X.X.X:9300]" + + "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300][indices:admin/create]]; " + + "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300]" + "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: " + - "[5f32db4e2a4fa94f6778cb895dae7a24][X.X.X.X:9300][indices:admin/create]" + "[5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300][indices:admin/create]" ) } }