Improve error logging for a couple of use cases

This commit is contained in:
Curtis Castrapel 2020-04-08 11:50:42 -07:00
parent 37f4b4c2a6
commit 1360d846fd
3 changed files with 35 additions and 20 deletions

View File

@ -2,6 +2,7 @@ import re
import unicodedata import unicodedata
from cryptography import x509 from cryptography import x509
from cryptography.hazmat.primitives.serialization import Encoding
from flask import current_app from flask import current_app
from lemur.common.utils import is_selfsigned from lemur.common.utils import is_selfsigned
@ -71,12 +72,20 @@ def common_name(cert):
:return: Common name or None :return: Common name or None
""" """
try: try:
return cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[ subject_oid = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)
0 if len(subject_oid) > 0:
].value.strip() return subject_oid[0].value.strip()
return None
except Exception as e: except Exception as e:
sentry.captureException() sentry.captureException()
current_app.logger.error("Unable to get common name! {0}".format(e)) current_app.logger.error(
{
"message": "Unable to get common name",
"error": e,
"public_key": cert.public_bytes(Encoding.PEM).decode("utf-8")
},
exc_info=True
)
def organization(cert): def organization(cert):

View File

@ -216,22 +216,24 @@ class AWSSourcePlugin(SourcePlugin):
for region in regions: for region in regions:
elbs = elb.get_all_elbs(account_number=account_number, region=region) elbs = elb.get_all_elbs(account_number=account_number, region=region)
current_app.logger.info( current_app.logger.info({
"Describing classic load balancers in {0}-{1}".format( "message": "Describing classic load balancers",
account_number, region "account_number": account_number,
) "region": region,
) "number_of_load_balancers": len(elbs)
})
for e in elbs: for e in elbs:
endpoints.extend(get_elb_endpoints(account_number, region, e)) endpoints.extend(get_elb_endpoints(account_number, region, e))
# fetch advanced ELBs # fetch advanced ELBs
elbs_v2 = elb.get_all_elbs_v2(account_number=account_number, region=region) elbs_v2 = elb.get_all_elbs_v2(account_number=account_number, region=region)
current_app.logger.info( current_app.logger.info({
"Describing advanced load balancers in {0}-{1}".format( "message": "Describing advanced load balancers",
account_number, region "account_number": account_number,
) "region": region,
) "number_of_load_balancers": len(elbs_v2)
})
for e in elbs_v2: for e in elbs_v2:
endpoints.extend(get_elb_endpoints_v2(account_number, region, e)) endpoints.extend(get_elb_endpoints_v2(account_number, region, e))

View File

@ -123,15 +123,19 @@ def sync_endpoints(source):
"acct": s.get_option("accountNumber", source.options)}) "acct": s.get_option("accountNumber", source.options)})
if not endpoint["certificate"]: if not endpoint["certificate"]:
current_app.logger.error( current_app.logger.error({
"Certificate Not Found. Name: {0} Endpoint: {1}".format( "message": "Certificate Not Found",
certificate_name, endpoint["name"] "certificate_name": certificate_name,
) "endpoint_name": endpoint["name"],
) "dns_name": endpoint.get("dnsname"),
"account": s.get_option("accountNumber", source.options),
})
metrics.send("endpoint.certificate.not.found", metrics.send("endpoint.certificate.not.found",
"counter", 1, "counter", 1,
metric_tags={"cert": certificate_name, "endpoint": endpoint["name"], metric_tags={"cert": certificate_name, "endpoint": endpoint["name"],
"acct": s.get_option("accountNumber", source.options)}) "acct": s.get_option("accountNumber", source.options),
"dnsname": endpoint.get("dnsname")})
continue continue
policy = endpoint.pop("policy") policy = endpoint.pop("policy")