What is this tool for?
Frontreport is useful only if you have an existing infrastructure for backend log aggregation. For example, we use ELK stack with RabbitMQ as a broker on top. So, your logging infrastructure may look like this:
Backend application → Logstash → RabbitMQ → Elastic RabbitMQ River → Elastic → Kibana
You may want to reuse this infrastructure to collect frontend logs from browsers of your visitors. So, you need to replace Logstash in the above scheme with something fast that can validate incoming JSON and manage high load by batching documents.
Frontreport does all that. Resulting architecture is something like the following:
Browser → Frontreport → RabbitMQ → Elastic RabbitMQ River → Elastic → Kibana
See code for details or ask us on Gitter.
Usage: frontreport [OPTIONS] Application Options: -p, --port= port to listen (default: 8888) [$FRONTREPORT_PORT] -a, --amqp= AMQP connection string (default: amqp://guest:guest@localhost:5672/) [$FRONTREPORT_AMQP] -s, --service-whitelist= allow reports only from this comma-separated list of services (allows all if not specified) [$FRONTREPORT_SERVICE_WHITELIST] -d, --domain-whitelist= allow CORS requests only from this comma-separated list of domains (allows all if not specified) [$FRONTREPORT_DOMAIN_WHITELIST] -t, --sourcemap-whitelist= trusted sourcemap pattern (regular expression), trust localhost only if not specified (default: ^(http|https)://localhost/) [$FRONTREPORT_SOURCEMAP_WHITELIST] -l, --logfile= log file name (writes to stdout if not specified) [$FRONTREPORT_LOGFILE] -g, --graphite= Graphite connection string for internal metrics [$FRONTREPORT_GRAPHITE] -r, --graphite-prefix= prefix for Graphite metrics [$FRONTREPORT_GRAPHITE_PREFIX] -v, --version print version and exit Help Options: -h, --help Show this help message
What can you collect from browsers?
- CSP violation reports. CSP stands for Content Security Policy. Send reports to
/_reports/cspor basically any URL that contains substring
- HPKP violation reports. HPKP stands for HTTP Public Key Pinning. URL must contain substring
- StacktraceJS reports. StacktraceJS is a JS library that collects unified stacktrace reports from any browser. URL must contain substring