Http Requests Monitoring
Monitor your application behaviour during incoming http requests.
Introduction
To activate inspection when your application is executed by an incoming http request you can use the WebRequestMonitoring
middleware.
Thanks to the middleware you are free to decide on which routes you want activate monitoring, based on your routes configuration or on your personal monitoring preferences. WebRequestMonitoring
middleware works like any other Laravel middleware you are familiar to.
Option 1 - Append to the middleware groups (recommended)
Laravel 11
You should append the Inspector middleware in the bootstrap/app.php
file for web
and api
middleware groups, so in two lines of code you'll intercept all incoming http requests:
use \Inspector\Laravel\Middleware\WebRequestMonitoring;
return Application::configure(basePath: dirname(__DIR__))
->withMiddleware(function (Middleware $middleware) {
// Append the middleware
$middleware->appendToGroup('web', WebRequestMonitoring::class)
->appendToGroup('api', WebRequestMonitoring::class);
})
->create();
Previous Laravel versions (<= 10)
For previous Laravel version up to 10 you should append the Inspector middleware to the middleware gourps in the App\Http\Kernel
class:
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
...,
\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
],
'api' => [
...,
\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
]
]
Option 2 - Assigning middleware to routes
In alternative you can assign the middleware to specific routes or group:
/*
* Attach the "inspector" middleware in your routes
*/
Route::middleware(\Inspector\Laravel\Middleware\WebRequestMonitoring::class)
->group(function () {
// Monitored routes here
});
Ignore Http Requests
If you need to implement a custom logic to ignore requests, the middleware is also designed to be extended.
Overwriting the shouldRecorded()
method, you can implement a custom condition to decide which routes should be ignored by Inspector.
Run the artisan command below to create a new middleware class:
php artisan make:middleware InspectorMonitoringMiddleware
In the new middleware class extend the Inspector middleware and override the shouldRecorded()
method to implement your condition. Return back a boolean value to enable or disable monitoring:
use \Inspector\Laravel\Middleware\WebRequestMonitoring;
class InspectorMonitoringMiddleware extends WebRequestMonitoring
{
/**
* Determine if Inspector should record current request.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function shouldRecorded($request): bool
{
// Only requests from your IP addresses should be recorded
return in_array($request->ip(), ['xxx.xxx.xxx.xxx']);
}
}
Returning true
the current http request will be recorded in your dashboard, returning false
the transaction will be completely ignored.
The last step is to use this new custom middleware instead of the original Inspector middleware.
Laravel 11
use App\Http\Middleware\InspectorMonitoringMiddleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
// routes
)
->withMiddleware(function (Middleware $middleware) {
// Append the custom middleware
$middleware->appendToGroup('web', InspectorMonitoringMiddleware::class)
->appendToGroup('api', InspectorMonitoringMiddleware::class);
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();
Previosu Laravel version (<= 10)
use App\Http\Middleware\InspectorMonitoringMiddleware;
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
...,
//\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
InspectorMonitoringMiddleware::class,
],
'api' => [
...,
//\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
InspectorMonitoringMiddleware::class,
]
]
Hide sensible contents
You may hide sensible data from HTTP requests body and Headers like passwords, authorization token, etc. Inspector is able to detect that parameters in your request's content masking them with "******".
Simply add fields to the hidden_parameters
array in the in inspector config file:
'hidden_parameters' => [
'password',
'password_confirmation',
'Authorization',
// Other fields here...
],
You can specify nested fields using the dot notation like user.password
Last updated