# Http Requests Monitoring ### Introduction To activate inspection when your application is executed by an incoming http request you can use the `WebRequestMonitoring` middleware. Thanks to the middleware you are free to decide on which routes you want activate monitoring, based on your routes configuration or on your personal monitoring preferences. `WebRequestMonitoring` middleware works like any other Laravel middleware you are familiar to. {% hint style="info" %} If you use Laravel Octane to serve your application you should use the specialized middleware instead. [**Go to the Octane integration guide**](https://docs.inspector.dev/guides/laravel/laravel-octane). {% endhint %} ### Option 1 - Append to the middleware groups (recommended) #### Laravel >=11 You should append the Inspector middleware in the `bootstrap/app.php` file for `web` and `api` middleware groups, so in two lines of code you'll intercept all incoming http requests: {% code title="boostrap/app.php" lineNumbers="true" %} ```php use \Inspector\Laravel\Middleware\WebRequestMonitoring; return Application::configure(basePath: dirname(__DIR__)) ->withMiddleware(function (Middleware $middleware) { // Append the middleware $middleware->appendToGroup('web', WebRequestMonitoring::class) ->appendToGroup('api', WebRequestMonitoring::class); }) ->create(); ``` {% endcode %} #### Previous Laravel versions (<= 10) For previous Laravel version up to 10 you should append the Inspector middleware to the middleware gourps in the `App\Http\Kernel` class: {% code title="" %} ```php /** * The application's route middleware groups. * * @var array */ protected $middlewareGroups = [ 'web' => [ ..., \Inspector\Laravel\Middleware\WebRequestMonitoring::class, ], 'api' => [ ..., \Inspector\Laravel\Middleware\WebRequestMonitoring::class, ] ] ``` {% endcode %} ### Option 2 - Assigning middleware to routes In alternative you can assign the middleware to specific routes or group: ```php /* * Attach the "inspector" middleware in your routes */ Route::middleware(\Inspector\Laravel\Middleware\WebRequestMonitoring::class) ->group(function () { // Monitored routes here }); ``` ### Ignore Http Requests {% hint style="info" %} Basic ignoring logic is supported by default via a simple configuration parameter. [**Learn more here**](https://docs.inspector.dev/guides/laravel/configuration#ignore-urls). {% endhint %} If you need to implement a custom logic to ignore requests, the middleware is also designed to be extended. Overwriting the `shouldRecorded()` method, you can implement a custom condition to decide which routes should be ignored by Inspector. Run the artisan command below to create a new middleware class: ```php php artisan make:middleware InspectorMonitoringMiddleware ``` In the new middleware class extend the Inspector middleware and override the `shouldRecorded()` method to implement your condition. Return back a boolean value to enable or disable monitoring: ```php use \Inspector\Laravel\Middleware\WebRequestMonitoring; class InspectorMonitoringMiddleware extends WebRequestMonitoring { /** * Determine if Inspector should record current request. * * @param \Illuminate\Http\Request $request * @return bool */ protected function shouldRecorded($request): bool { // Only requests from your IP addresses should be recorded return in_array($request->ip(), ['xxx.xxx.xxx.xxx']); } } ``` Returning `true` the current http request will be recorded in your dashboard, returning `false` the transaction will be completely ignored. The last step is to use this new custom middleware instead of the original Inspector middleware. #### Laravel >=11 {% code title="bootstrap/app.php" %} ```php use App\Http\Middleware\InspectorMonitoringMiddleware; return Application::configure(basePath: dirname(__DIR__)) ->withRouting( // routes ) ->withMiddleware(function (Middleware $middleware) { // Append the custom middleware $middleware->appendToGroup('web', InspectorMonitoringMiddleware::class) ->appendToGroup('api', InspectorMonitoringMiddleware::class); }) ->withExceptions(function (Exceptions $exceptions) { // })->create(); ``` {% endcode %} #### Previosu Laravel version (<= 10) {% code title="app/Http/Kernel.php" %} ```php use App\Http\Middleware\InspectorMonitoringMiddleware; /** * The application's route middleware groups. * * @var array */ protected $middlewareGroups = [ 'web' => [ ..., //\Inspector\Laravel\Middleware\WebRequestMonitoring::class, InspectorMonitoringMiddleware::class, ], 'api' => [ ..., //\Inspector\Laravel\Middleware\WebRequestMonitoring::class, InspectorMonitoringMiddleware::class, ] ] ``` {% endcode %} ### Hide sensible contents You may hide sensible data from HTTP requests body and Headers like passwords, authorization token, etc. Inspector is able to detect that parameters in your request's content masking them with "\*\*\*\*\*\*". Simply add fields to the `hidden_parameters` array in the in inspector config file: ```php 'hidden_parameters' => [ 'password', 'password_confirmation', 'Authorization', // Other fields here... ], ``` You can specify nested fields using the dot notation like `user.password` ### MCP server monitoring If you are exposing an MCP server to make AI Agents able to interact with it, you could be interested in measuring it's usage and performance. To do this you can use the `MCPRequestMonitoring` middleware that capture the underlying MCP object the client is requesting allowing you to have full visbility into your MCP server operations. Use the middleware in the `routes/ai.php` file on the MCP servers you are exposing: ```php middleware([ 'auth:api', 'throttle:mcp', McpRequestMonitoring::class, // <-- The monitoring middleware here ]); ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.inspector.dev/guides/laravel/http-requests-monitoring.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.