HAR Log Collector

Lunar can be set up to collect comprehensive HTTP Archive (HAR) logs of the traffic passing through it. These logs can then be exported to a file or AWS S3 and analyzed. The collector can be configured to obfuscate sensitive information in the body, headers, query parameters and path parameters.

Set Up HAR Log Collector Diagnosis Plugin

You have the flexibility to configure the HAR Log Collector diagnosis plugin either globally or per endpoint.

Global Example

/etc/lunar-proxy/policies.yaml

global:
  diagnosis:
    - name: "Global HAR Log Collector"
      enabled: true
      config:
        har_exporter:
          transaction_max_size: 5000
          obfuscate:
            enabled: true
      export: "file"

Endpoint-specific Example

/etc/lunar-proxy/policies.yaml

endpoints:
  - url: api.com/resource/{id}
    method: PUT
    diagnosis:
      - name: "api.com HAR Log Collector"
        enabled: true
        config:
          har_exporter:
            transaction_max_size: 5000
            obfuscate:
              enabled: true
        export: "file"

Configuration

The following fields can be customized within the diagnosis plugin configuration:

  • transaction_max_size: Specifies the maximum size for each HTTP transaction (request + response) to be stored in a single HAR file. If the size of a transaction exceeds this value, it will be ignored.
  • obfuscate: Specifies whether to obfuscate sensitive information in the body, headers, query parameters and path parameters. The default value is enabled: false.
  • obfuscate.exclusions: Only relevant if obfuscation is enabled. Specifies a list of request/response header names, request/response body paths, query parameter names and/or path parameter names to exclude from obfuscation. If obfuscation is enabled, the fields specified in this list will not be obfuscated. The following fields can be specified:
    • query_params
    • path_params
    • request_headers
    • response_headers
    • request_body_paths
    • response_body_paths

For example:

obfuscate:
  enabled: true
  exclusions:
    query_params:
      - "id"
    request_body_paths:
      - "user.name"
    response_headers:
      - "Retry-After"

This configuration will obfuscate all query parameters except for id, all request body paths except for user.name and all response headers except for Retry-After.

Supported Exporters

Note:
  • The plugin can export data to file or S3.
  • If the obfuscate field is not specified, the plugin will not obfuscate any sensitive information.
  • If obfuscate is enabled, the plugin will by default obfuscate all query parameter values, path parameter values, request/response header values and request/response body values.
  • Obfuscation is done by replacing the original value with a hash of that value. This means that the obfuscated value will be the same for the same original value. For example, if the original value of a query parameter is 123, the obfuscated value will always be the same hash of 123.

Caution:

Query parameter names and path parameter names are not obfuscated. Only their values are obfuscated. The same goes for request/response header names and request/response body paths.
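
The sketch below is an added example, not Lunar's own code: it models the obfuscation rules described above (values hashed, names and body paths kept, exclusions honored) on a constructed HAR entry. The SHA-256 hash, exact-name matching, and the helper names h, obfuscate_pairs, obfuscate_body and obfuscate_entry are assumptions made for illustration.

```python
import hashlib
import json

# Exclusions copied from the page's example configuration.
EXCLUSIONS = {"query_params": {"id"}, "request_body_paths": {"user.name"},
              "response_headers": {"Retry-After"}}

def h(value):  # Assumption: SHA-256 hex; the page does not name the hash Lunar uses.
    return hashlib.sha256(str(value).encode()).hexdigest()

def obfuscate_pairs(pairs, keep):
    # HAR name/value lists: names stay, values are hashed unless the name is excluded.
    return [{"name": p["name"],
             "value": p["value"] if p["name"] in keep else h(p["value"])}
            for p in pairs]

def obfuscate_body(node, keep, path=""):
    # Walk a JSON body: keys stay, leaf values are hashed unless the dotted path is excluded.
    if isinstance(node, dict):
        return {k: obfuscate_body(v, keep, f"{path}.{k}" if path else k)
                for k, v in node.items()}
    if isinstance(node, list):
        return [obfuscate_body(v, keep, path) for v in node]
    return node if path in keep else h(node)

def obfuscate_entry(entry, ex):
    req, res = entry["request"], entry["response"]
    keep = lambda key: ex.get(key, set())  # a missing exclusion list means "hash everything"
    body = json.loads(req["postData"]["text"])
    return {
        "request": {
            "queryString": obfuscate_pairs(req["queryString"], keep("query_params")),
            "headers": obfuscate_pairs(req["headers"], keep("request_headers")),
            "postData": {"text": json.dumps(obfuscate_body(body, keep("request_body_paths")))},
        },
        "response": {"headers": obfuscate_pairs(res["headers"], keep("response_headers"))},
    }

# Constructed sample HAR entry (not real traffic).
SAMPLE = {
    "request": {
        "queryString": [{"name": "id", "value": "123"}, {"name": "token", "value": "123"}],
        "headers": [{"name": "Authorization", "value": "Bearer constructed-secret"}],
        "postData": {"text": '{"user": {"name": "alice", "email": "alice@example.com"}}'},
    },
    "response": {"headers": [{"name": "Retry-After", "value": "30"},
                             {"name": "Set-Cookie", "value": "sid=constructed"}]},
}

print(json.dumps(obfuscate_entry(SAMPLE, EXCLUSIONS), indent=2))
```

In the output, id keeps its value 123 while token, which carries the same value, is replaced by the hash of 123; any other field holding 123 would get the identical hash, so equal values stay correlatable across a HAR file, and every field name remains readable.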
