Merge pull request #2479 from akto-api-security/fix/threat-customer-logs

gauravakto · web-flow · commit 2151e5cc1882 · 2025-05-06T18:56:35.000+05:30
Add better logs for threat module
diff --git a/apps/threat-detection/src/main/java/com/akto/threat/detection/tasks/MaliciousTrafficDetectorTask.java b/apps/threat-detection/src/main/java/com/akto/threat/detection/tasks/MaliciousTrafficDetectorTask.java
@@ -186,10 +186,10 @@ private void processRecord(HttpResponseParam record) throws Exception {
       return;
     }
 
-    logger.debugAndAddToDb("Processing record with actor IP: " + responseParam.getSourceIP());
     Context.accountId.set(Integer.parseInt(responseParam.getAccountId()));
     Map<String, FilterConfig> filters = this.getFilters();
     if (filters.isEmpty()) {
+      logger.warnAndAddToDb("No filters found for account " + responseParam.getAccountId());
       return;
     }
 
@@ -207,6 +207,7 @@ private void processRecord(HttpResponseParam record) throws Exception {
     ApiInfo.ApiInfoKey apiInfoKey = new ApiInfo.ApiInfoKey(apiCollectionId, url, method);
 
     for (FilterConfig apiFilter : apiFilters.values()) {
+      logger.debugAndAddToDb("Evaluating filter condition for url " + apiInfoKey.getUrl() + " filterId " + apiFilter.getId());
       boolean hasPassedFilter = validateFilterForRequest(apiFilter, rawApi, apiInfoKey);
 
       // If a request passes any of the filter, then it's a malicious request,
