From b8e6e75e1f51df9bd4c7209bbe71764552996f3d Mon Sep 17 00:00:00 2001 From: Surya Sashank Nistala Date: Fri, 8 Sep 2023 12:42:07 -0700 Subject: [PATCH] obfuscate ip addresses in alert error message (#511) * obfuscate ip addresses in alert error message Signed-off-by: Surya Sashank Nistala * make ip obfuscation lower case Signed-off-by: Surya Sashank Nistala * update test with lowercase ip obfuscation Signed-off-by: Surya Sashank Nistala --------- Signed-off-by: Surya Sashank Nistala --- .../commons/alerting/alerts/AlertError.kt | 11 +++++++- .../alerting/alerts/AlertErrorTests.kt | 25 +++++++++++++++++++ 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt diff --git a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt index b53ff4a4..5c8aa4d3 100644 --- a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt +++ b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt @@ -12,7 +12,10 @@ import org.opensearch.core.xcontent.XContentParserUtils.ensureExpectedToken import java.io.IOException import java.time.Instant -data class AlertError(val timestamp: Instant, val message: String) : Writeable, ToXContent { +data class AlertError(val timestamp: Instant, var message: String) : Writeable, ToXContent { + init { + this.message = obfuscateIPAddresses(message) + } @Throws(IOException::class) constructor(sin: StreamInput) : this( @@ -55,6 +58,12 @@ data class AlertError(val timestamp: Instant, val message: String) : Writeable, fun readFrom(sin: StreamInput): AlertError { return AlertError(sin) } + + fun obfuscateIPAddresses(exceptionMessage: String): String { + val ipAddressPattern = "\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}" + val obfuscatedMessage = exceptionMessage.replace(ipAddressPattern.toRegex(), "x.x.x.x") + return obfuscatedMessage + } } override fun toXContent(builder: XContentBuilder, params: ToXContent.Params): XContentBuilder { diff --git a/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt new file mode 100644 index 00000000..c5c6d439 --- /dev/null +++ b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt @@ -0,0 +1,25 @@ +package org.opensearch.commons.alerting.alerts + +import org.junit.Assert +import org.junit.jupiter.api.Test +import java.time.Instant + +class AlertErrorTests { + + @Test + fun `test alertError obfuscates IP addresses in message`() { + val message = + "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][10.212.77.91:9300][indices:admin/create]]; " + + "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][10.212.77.91:9300]" + + "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895" + + "dae7a24][10.212.77.91:9300][indices:admin/create]" + val alertError = AlertError(Instant.now(), message = message) + Assert.assertEquals( + alertError.message, + "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300][indices:admin/create]]; " + + "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300]" + + "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: " + + "[5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300][indices:admin/create]" + ) + } +}