Http Requests Monitoring

Monitor your application behaviour during incoming http requests.

Introduction

To activate inspection when your application is executed by an incoming http request you can use the WebRequestMonitoring middleware.

Thanks to the middleware you are free to decide on which routes you want activate monitoring, based on your routes configuration or on your personal monitoring preferences. WebRequestMonitoring middleware works like any other Laravel middleware you are familiar to.

To get more information on how middlewares works in Laravel, take a look at Laravel's official documentation.

Basically you can attach the middleware in the App\Http\Kernel class in one or more of your predefined middleware groups:

/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
...,
\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
],
'api' => [
...,
\Inspector\Laravel\Middleware\WebRequestMonitoring::class,
]
]

Usually web and api middleare groups wrap your entire application, so in two lines of code you can monitoring all incoming http requests.

Option 2 - Use as middleware key

In alternative you can create a middleware key so you can attach it in a specific route or group:

/*
* Create a new middleware key (inspector) in your \App\Http\Kernel class.
*/
protected $routeMiddleware = [
...,
'inspector' => \Inspector\Laravel\Middleware\WebRequestMonitoring::class,
];

Use "inspector" middleware key in you routes:

/*
* Attach the "inspector" middleware in your routes
*/
Route::prefix('app')->middleware('inspector')->group(function () {
...
});

Ignore Web Requests

Inspector provide a basic strategy to turn off monitoring in certain part of your application, but the middleware is designed to allows you to extend it and add your own strategy overwriting shouldRecorded method that should return a boolean to determine if the current request should be recorded or not.

Run the artisan command below to create a new middleware class:

php artisan make:middleware InspectorFilterMonitoringMiddleware

In the new middleware class just override shouldRecorded method to implement your filtering strategy:

<?php
use \Inspector\Laravel\Middleware\WebRequestMonitoring;
class InspectorFilterMonitoringMiddleware extends WebRequestMonitoring
{
/**
* Determine if Inspector should record current request.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function shouldRecorded($request): bool
{
return $request->userAgent() === 'Reliable User Agent';
}
}

Hide sensible contents

You may hide sensible data from HTTP reuqests body like passwords. Inspector is able to detect that parameters in your request's body masking their content with a simple "******".

Simply add fields to the hidden_parameters array in the in inspector config file:

'hidden_parameters' => [
'password',
'password_confirmation',
// Other fields here...
],

You can specify nested fields using the dot notation like user.password

Identify Controller/Method execution

If you prefer to have a clear visibility of what controller and method are executed based on any HTTP request instead of the request path, you can use the code below inside the boot method of one of your ServiceProvider.

Maybe the best place could be EventsServiceProvider.

use Illuminate\Routing\Events\RouteMatched;
/**
* Register any events for your application.
*
* @return void
*/
public function boot()
{
parent::boot();
/*
* Changes the way inspector reports transactions in your dashboard.
*/
Event::listen(RouteMatched::class, function(RouteMatched $event) {
$name = $event->route->getActionName();
if(inspector()->isRecording()) {
inspector()->currentTransaction()->name = $name;
} else {
inspector()->startTransaction($name);
}
});
}

This will change the way Inspector reports transactions in your dashboard from GET /path/{id} to YourController@yourMethod .