Update OpenTrafficPipeline.conf

Chris Wiechmann · Chris Wiechmann · commit c0f9ca35936d · 2022-03-31T15:36:46.000+02:00
diff --git a/logstash/pipelines/OpenTrafficPipeline.conf b/logstash/pipelines/OpenTrafficPipeline.conf
@@ -26,17 +26,32 @@ filter {
     add_field => { "[@metadata][apiCacheKeyPrefix]" => "" } # Create a default for the cacheKeyPrefix
   }
 
-  # First, check if the document should be ignored/dropped (configured based on the apiPath or PolicyName)
-
+  # Check if the document should be ignored/dropped (configured based on the apiPath or PolicyName)
+  if([transactionSummary] and [transactionSummary][path]) { # Only if a path is given (not given for instance for Scheduled-Policies)
+    mutate { 
+      replace => { "[@metadata][ignoreField][apiPath]" => "%{[transactionSummary][path]}" } 
+      add_field => { "[@metadata][apiPath]" => "%{[transactionSummary][path]}" } 
+    }
+  } else if ([transactionElement] and [transactionElement][protocolInfo][http][uri]) { # Additional check for the protocol, as the uri is not given for Non-HTTP legs
+    mutate { 
+      replace => { "[@metadata][ignoreField][apiPath]" => "%{[transactionElement][protocolInfo][http][uri]}" } 
+      add_field => { "[@metadata][apiPath]" => "%{[transactionElement][protocolInfo][http][uri]}" } 
+    } 
+  } else if ([circuitPath] and [circuitPath][0][policy]) { # Policy is for instance not given for OPTIONS requests
+    mutate { replace => { "[@metadata][ignoreField][policyName]" => "%{[circuitPath][0][policy]}" } }
+  } else { # For everything else (e.g. JMS-Legs) perform no lookup (Set the default to not ignore)
+    mutate { add_field => { "[isIgnoreAPI][ignore]" => "false" } }
+  }
   # Create a cache key for the API either on the complete received request path or if configured, only using a specific part of the path.
+  # It's used for the API-Details and Ignore-Lookup.
   # This prevents API requests with path parameters from not being cached efficiently due to their variable parameter.
   # Example: API-Request: /v1/get/pet/687687678, Configured-Path: /v1/get/pet - API-Details cached based on Configured-Path (/v1/get/pet)
-  if([transactionSummary] and [transactionSummary][path]) { # Only if a path is given (not given for instance for Scheduled-Policies)
+  if( ([transactionSummary] and [transactionSummary][path]) or ([transactionElement] and [transactionElement][protocolInfo][http][uri]) ) {
     ruby {
       id => "Set API-Cache-Key prefix"
       code => '
         cacheAPIPaths = event.get("[@metadata][cacheAPIPaths]");
-        apiRequestPath = event.get("[transactionSummary][path]");
+        apiRequestPath = event.get("[@metadata][apiPath]");
         if (cacheAPIPaths.nil? || cacheAPIPaths.empty?) 
           event.set("[@metadata][apiCacheKeyPrefix]", apiRequestPath);
           return;
@@ -53,13 +68,6 @@ filter {
         end
       '
     }
-    mutate { replace => { "[@metadata][ignoreField][apiPath]" => "%{[transactionSummary][path]}" } }
-  } else if ([transactionElement] and [transactionElement][protocolInfo][http][uri]) { # Additional check for the protocol, as the uri is not given for Non-HTTP legs
-    mutate { replace => { "[@metadata][ignoreField][apiPath]" => "%{[transactionSummary][path]}" } }
-  } else if ([circuitPath] and [circuitPath][0][policy]) { # Policy is for instance not given for OPTIONS requests
-    mutate { replace => { "[@metadata][ignoreField][policyName]" => "%{[circuitPath][0][policy]}" } }
-  } else { # For everything else (e.g. JMS-Legs) perform no lookup (Set the default to not ignore)
-    mutate { add_field => { "[isIgnoreAPI][ignore]" => "false" } }
   }
   # Create a cache key for the event, either on API-Path or Policy-Name
   mutate {
