Code Library Overview

The FireTail code libraries documentation provides detailed instructions for installing and building the FireTail libraries. Once set up, these libraries enhance API observability by logging detailed information about requests and responses.This data is enriched with additional context, providing insights for effective API management and security.

Logging

The FireTail code libraries provide logging capabilities for API requests and responses. They capture details such as request and response bodies, headers, source IPs, and request methods. These logs can be used in identifying potential vulnerabilities, such as denial of service attacks, by including execution times of API requests.

Validation

The FireTail code libraries have validation capabilities to to ensure both incoming requests and outgoing responses comply with your OpenAPI specification:

• Request Validation - Checks request body and headers against your defined OpenAPI schema, ensuring adherence to expected structure and data types.
• Response Validation - Check response body and headers against your OpenAPI specification, ensuring compliance with defined schemas.

Customizable Validation

You can customize validation settings for request and response bodies and headers independently. This flexibility allows you to tailor the validation process to meet specific API requirements. For example, you may choose to temporarily disable response validation during stages where response payloads are still being defined.

Observability

The FireTail libraries provide observability by reporting essential data to the FireTail SaaS platform for every API request and response. Each log sent includes:

• IP address: Originating IP address of the request.
• HTTP method: Method used for the request.
• Request details: Request body and headers received by the API.
• Response details: Response bodies and headers returned by the API.
• Execution time: Duration spent responding to the API request. This is useful for identifying API requests that took a long time to respond, which could indicate vulnerabilities making your API susceptible to a denial of service attack.

Enrichment

Logs sent to the FireTail platform are enriched with additional information for easier search and identification of suspicious activities. Enrichment includes:

• Geolocation: Geographic location of the request's IP address, allowing you to search requests by country or even a polygon on a map.
• Autonomous System Number (ASN): Associated with the source IP address.
• User-Agent categories: Helps identify traffic from various developer tools, such as Postman or curl.
• Bot traffic tags: Requests that appear to be from automated systems are tagged, allowing you to filter them out easily.
• Personally identifiable information (PII): Identifies sensitive data like email addresses and IBAN numbers.

Monitoring

Automated monitoring capabilities within the FireTail SaaS platform allow you to set up alerts based on changes identified in logs. Examples of configurable alerts include:

• Execution time changes: Alerts for significant variations in API response times, helping you investigate why your API might be slowing down.
• Bot traffic: Alerts for an increase in bot traffic to your API.
• Traffic origin: Alerts for a surge in traffic from a particular country, indicating a possible attack.

These alerts can be integrated with third-party software such as Slack and Jira. Learn more about setting up Alerts in the FireTail platform.

Code Libraries

• Python
• Go
• Node.js
• Ruby
• Lambda Extension
• KrakenD
• NGINX
  
• APISIX