Inspector
BlogTry for free
  • Concepts
    • Introduction
    • Metrics
    • Notification Channels
      • Email
      • Slack
      • Telegram
      • Microsoft Teams
      • Google Chat
      • Webhook
      • Discord
      • Pushover
      • PagerDuty
      • Twilio - SMS
    • Filtering Syntax
    • Alerts
    • Grouping Patterns
    • Custom Segments
    • Billing
    • AI Bug Fixer
  • Security and access
    • Access control
    • Two-factor authentication
    • Connected Devices
  • SDK
    • PHP
      • Installation & Set Up
      • Custom Segments
      • Exceptions Monitoring
      • Configuration
    • Laravel / Lumen
      • Upgrade Guide
      • Installation & Set-up
      • Http Requests Monitoring
      • Configuration
      • Exception Monitoring
      • Laravel Vapor
      • Laravel Octane
      • Laravel Nova Tool
      • Group by service name
    • Symfony
      • Installation
      • Configuration
      • Exception Monitoring
    • CodeIgniter
      • Installation
      • Configuration
      • Exception Monitoring
    • Drupal
    • Spring Boot
    • Slim
    • NodeJS
      • Configurations
      • Custom Segments
      • Exception monitoring
      • Autowiring
    • ExpressJs
    • Fastify
    • Python
    • Django
      • Installation & Set Up
      • Custom Segments
      • Error Monitoring
  • REST API
    • Authentication
    • Apps
    • Platforms
    • Transactions
    • Segments
    • Analytics
Powered by GitBook
On this page
  • Introduction
  • Option 1 - Append to the middleware groups (recommended)
  • Option 2 - Assigning middleware to routes
  • Ignore Http Requests
  • Hide sensible contents
  1. SDK
  2. Laravel / Lumen

Http Requests Monitoring

Monitor your application behaviour during incoming http requests.

PreviousInstallation & Set-upNextConfiguration

Last updated 3 months ago

Introduction

To activate inspection when your application is executed by an incoming http request you can use the WebRequestMonitoring middleware.

Thanks to the middleware you are free to decide on which routes you want activate monitoring, based on your routes configuration or on your personal monitoring preferences. WebRequestMonitoring middleware works like any other Laravel middleware you are familiar to.

If you use Laravel Octane to serve your application you should use the specialized middleware instead. .

Option 1 - Append to the middleware groups (recommended)

Laravel 11

You should append the Inspector middleware in the bootstrap/app.php file for web and api middleware groups, so in two lines of code you'll intercept all incoming http requests:

boostrap/app.php
use \Inspector\Laravel\Middleware\WebRequestMonitoring;

return Application::configure(basePath: dirname(__DIR__))
    ->withMiddleware(function (Middleware $middleware) {
        // Append the middleware
        $middleware->appendToGroup('web', WebRequestMonitoring::class)
            ->appendToGroup('api', WebRequestMonitoring::class);
    })
    ->create();

Previous Laravel versions (<= 10)

For previous Laravel version up to 10 you should append the Inspector middleware to the middleware gourps in the App\Http\Kernel class:

/**
 * The application's route middleware groups.
 *
 * @var  array
 */
protected $middlewareGroups = [
    'web' => [
        ...,
        \Inspector\Laravel\Middleware\WebRequestMonitoring::class,
    ],

    'api' => [
        ...,
        \Inspector\Laravel\Middleware\WebRequestMonitoring::class,
    ]
]

Option 2 - Assigning middleware to routes

In alternative you can assign the middleware to specific routes or group:

/*
 * Attach the "inspector" middleware in your routes
 */
Route::middleware(\Inspector\Laravel\Middleware\WebRequestMonitoring::class)
    ->group(function () {
        // Monitored routes here
    });

Ignore Http Requests

If you need to implement a custom logic to ignore requests, the middleware is also designed to be extended.

Overwriting the shouldRecorded() method, you can implement a custom condition to decide which routes should be ignored by Inspector.

Run the artisan command below to create a new middleware class:

php artisan make:middleware InspectorMonitoringMiddleware

In the new middleware class extend the Inspector middleware and override the shouldRecorded() method to implement your condition. Return back a boolean value to enable or disable monitoring:

use \Inspector\Laravel\Middleware\WebRequestMonitoring;

class InspectorMonitoringMiddleware extends WebRequestMonitoring
{
    /**
     * Determine if Inspector should record current request.
     *
     * @param \Illuminate\Http\Request $request
     * @return bool
     */
    protected function shouldRecorded($request): bool
    {
        // Only requests from your IP addresses should be recorded
        return in_array($request->ip(), ['xxx.xxx.xxx.xxx']);
    }
}

Returning true the current http request will be recorded in your dashboard, returning false the transaction will be completely ignored.

The last step is to use this new custom middleware instead of the original Inspector middleware.

Laravel 11

bootstrap/app.php
use App\Http\Middleware\InspectorMonitoringMiddleware;

return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        // routes
    )
    ->withMiddleware(function (Middleware $middleware) {
        // Append the custom middleware
        $middleware->appendToGroup('web', InspectorMonitoringMiddleware::class)
            ->appendToGroup('api', InspectorMonitoringMiddleware::class);
    })
    ->withExceptions(function (Exceptions $exceptions) {
        //
    })->create();

Previosu Laravel version (<= 10)

app/Http/Kernel.php
use App\Http\Middleware\InspectorMonitoringMiddleware;

/**
 * The application's route middleware groups.
 *
 * @var  array
 */
protected $middlewareGroups = [
    'web' => [
        ...,
        //\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
        InspectorMonitoringMiddleware::class,
    ],

    'api' => [
        ...,
        //\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
        InspectorMonitoringMiddleware::class,
    ]
]

Hide sensible contents

You may hide sensible data from HTTP requests body and Headers like passwords, authorization token, etc. Inspector is able to detect that parameters in your request's content masking them with "******".

Simply add fields to the hidden_parameters array in the in inspector config file:

'hidden_parameters' => [
    'password',
    'password_confirmation',
    'Authorization',
    
    // Other fields here...
],

You can specify nested fields using the dot notation like user.password

Basic ignoring logic is supported by default via a simple configuration parameter. .

Go to the Octane integration guide
Learn more here