-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow only certain whitelisted chars to be present in messages in order to avoid too much diversity #30
Comments
We can use this regex for default, but it can be changed with some environment. But limited by 50 chars. |
Agree. Maybe init-param "info-regex"? |
what about error-info-regex? info-regex maybe is too generic, info about what? |
That’s perfect! Even makes it more aligned to the attribute name set in request (error-info).
…Sent from my iPhone
On 17 May 2021, at 08:01, Carlos Eduardo Panarello ***@***.***> wrote:
what about error-info-regex? info-regex maybe is too generic, info about what?
This name will be relation only with error-info http header parameter.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
I created the PR #33 that accepts up to three environment variables: |
it would be great if you did that. |
In some cases the error-info message comes with variable parts in the message, like "message code" or "account code". As the message is a metrics label, each different string then creates whole new metrics, skyrocketing the number of different metrics (they are not summed), leading to memory leak on the client application, creating network bottlenecks and generating tons of data on Prometheus/Cortex or other infrastructure that will handle the metrics unnecessarily.
Some examples are "Account 546775 couldn't not be created", "There was an error processing your request. erroid=538-433.456", "There are 4 pending approvals for your profile".
Proposal
The proposal is to limit the permitted characters to a fixed whitelist through a regex expression, specially removing all numbers present in the message, thus avoiding the type of issues described as examples.
By applying the following regex cleanup code to the messages, the examples would become:
This way, even if the client sets the error-info attribute with numeric variables we won't have metrics diversification as it will be handled as the same metrics/message (after transformation).
What do you think?
The text was updated successfully, but these errors were encountered: