Is there a way to capture values from custom header? I see that header values that are passed to elasticsearch calls are logged in ROR audit indices. But is there a way to capture the actual value also?
We have type ahead search services that will be called by multiple apps. Typically for calls involving NPI data, we log data separately. But because this is type ahead, we are trying to avoid any additional overhead within the application itself. So we wanted to add some kind of tracking that is transparent to application logic and capture it on ES end itself. So is there a way in ROR to capture the header value as well as its already capturing the passed header?
I was going through old forum posts and saw that there was an undocumented feature obfuscated_headers that was added. So I was wondering if there is something similar that is already available that will allow us to capture the header values as well for specific headers.
Thanks for the feedback. Unfortunately our team does not have any Scala or Java developers. Since we are using FOSS version of both ES and ROR, I am not sure if there will be appetite on client side to fund this development externally
This is how the current flow is.
client app > our search service > es call.
I am thinking that we could probably explore using api_keys instead, but will need to include the host rule as well so that calls will only be authorized when coming through our servers where web service is hosted. Can we include both api_key and hosts rule in same ACL block?