Expand description
Full-fidelity traffic capture (tenant-agnostic).
A capture proxy forwards each request to the upstream while recording the raw
request and response to a durable stream, so a replayer can later apply that
stream to another cluster (the OpenSearch Migration Assistant capture proxy).
This crate is the seam: Capture receives each exchange; a queue writer
(the osproxy-kafka crate), a file recorder, or the in-memory
MemoryCapture implement it. It pulls in no broker dependency, so the seam
is implementable from a leaf crate without dragging a Kafka client into the
default build.
This is not the shape-only telemetry. Everything else osproxy records is
shapes/ids/names and safe to expose by construction. A capture record carries
the raw bodies and header values, tenant data, and any credential a
redaction layer did not strip. The capture stream is a privileged channel:
secure it (encryption, access control), and enable it deliberately, never by
default. Redaction is composed in via RedactingCapture rather than baked
into every recorder.
Structs§
- Capture
Record - One captured request/response exchange, borrowed for the duration of the
Capture::capturecall. Full fidelity: bodies and header values included. - Memory
Capture - A reference
Capturethat keeps exchanges in memory. For tests and local inspection; a real deployment writes to a durable queue. - NoCapture
- The default: capture off. No record is assembled.
- Owned
Capture - An owned copy of a captured exchange, for the in-memory reference recorder.
- Redacting
Capture - Strips the
Authorizationheader before the wrapped capture sees the record. Composition: redaction is a layer over any recorder, not a feature each recorder reimplements.
Enums§
- Http
Method - The HTTP method of a request.
Traits§
- Capture
- Receives one record per forwarded request. The recorder a capture proxy provides: a queue writer implements this.
Functions§
- without_
authorization - The header list with any
Authorizationheader removed (case-insensitive).