Limit user information to RackAttack throttles (!30467) · Merge requests · GitLab.org / GitLab FOSS

Mayra Cabrera requested to merge 62756-follow-up-user-info-in-auth-log into master Jul 08, 2019

What does this MR do?

While browsing the auth.log on Kibana, I noticed that on Rack Attack blocks events we're not filling the Rack Attack discriminator, so user_id appears as nil on these cases. This MR limits the user info only to throttle_authenticated_api and throttle_authenticated_web.

Rack Attack log example: https://log.gitlab.net/goto/e4b7365fc2be37fc5b61d24c1d94dbce

Does this MR meet the acceptance criteria?

Conformity

[-] Changelog entry
[-] Documentation created/updated or follow-up review issue created
Code review guidelines
Merge request performance guidelines
Style guides
[-] Database guides
[-] Separation of EE specific content

Related to #62756 (moved)

Edited Oct 29, 2021 by 🤖 GitLab Bot 🤖

Limit user information to RackAttack throttles

What does this MR do?

Does this MR meet the acceptance criteria?

Conformity

Merge request reports