obfuscate ip addresses in alert error message (#511)

* obfuscate ip addresses in alert error message Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * make ip obfuscation lower case Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * update test with lowercase ip obfuscation Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> (cherry picked from commit b8e6e75) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-project · Sep 8, 2023 · 56f6c8a · 56f6c8a
1 parent ba00b5c
commit 56f6c8a
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt b/src/main/kotlin/org/opensearch/commons/alerting/alerts/AlertError.kt
@@ -12,7 +12,10 @@ import org.opensearch.commons.alerting.util.optionalTimeField
 import java.io.IOException
 import java.time.Instant
 
-data class AlertError(val timestamp: Instant, val message: String) : Writeable, ToXContent {
+data class AlertError(val timestamp: Instant, var message: String) : Writeable, ToXContent {
+    init {
+        this.message = obfuscateIPAddresses(message)
+    }
 
     @Throws(IOException::class)
     constructor(sin: StreamInput) : this(
@@ -55,6 +58,12 @@ data class AlertError(val timestamp: Instant, val message: String) : Writeable,
         fun readFrom(sin: StreamInput): AlertError {
             return AlertError(sin)
         }
+
+        fun obfuscateIPAddresses(exceptionMessage: String): String {
+            val ipAddressPattern = "\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}"
+            val obfuscatedMessage = exceptionMessage.replace(ipAddressPattern.toRegex(), "x.x.x.x")
+            return obfuscatedMessage
+        }
     }
 
     override fun toXContent(builder: XContentBuilder, params: ToXContent.Params): XContentBuilder {

diff --git a/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt b/src/test/kotlin/org/opensearch/commons/alerting/alerts/AlertErrorTests.kt
@@ -0,0 +1,25 @@
+package org.opensearch.commons.alerting.alerts
+
+import org.junit.Assert
+import org.junit.jupiter.api.Test
+import java.time.Instant
+
+class AlertErrorTests {
+
+    @Test
+    fun `test alertError obfuscates IP addresses in message`() {
+        val message =
+            "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][10.212.77.91:9300][indices:admin/create]]; " +
+                "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][10.212.77.91:9300]" +
+                "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895" +
+                "dae7a24][10.212.77.91:9300][indices:admin/create]"
+        val alertError = AlertError(Instant.now(), message = message)
+        Assert.assertEquals(
+            alertError.message,
+            "AlertingException[[5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300][indices:admin/create]]; " +
+                "nested: Exception[org.opensearch.transport.RemoteTransportException: [5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300]" +
+                "[indices:admin/create]];; java.lang.Exception: org.opensearch.transport.RemoteTransportException: " +
+                "[5f32db4e2a4fa94f6778cb895dae7a24][x.x.x.x:9300][indices:admin/create]"
+        )
+    }
+}