1

I have this sample log below that I want to extract the JS object in here to stripeError. I'm not able to succesfully and cleanly extract it all.

StripeInvalidRequestError: Your destination account needs to have at least one of the following capabilities enabled: transfers, crypto_transfers, legacy_payments
    at StripeError.generate (/var/task/web/node_modules/stripe/lib/Error.js:40:16)
    at res.toJSON.then.StripeAPIError.message (/var/task/web/node_modules/stripe/lib/StripeResource.js:220:35)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  type: 'StripeInvalidRequestError',
  raw: {
    code: 'insufficient_capabilities_for_transfer',
    message: 'Your destination account needs to have at least one of the following capabilities enabled: transfers, crypto_transfers, legacy_payments',
    request_log_url: 'https://dashboard.stripe.com/logs/req_sample123AbCdEf?t=1234567890',
    type: 'invalid_request_error',
    headers: {
      server: 'nginx',
      date: 'Wed, 23 Apr 2025 00:00:00 GMT',
      'content-type': 'application/json',
      'content-length': '357',
      connection: 'keep-alive',
      'access-control-allow-credentials': 'true',
      'access-control-allow-methods': 'GET, HEAD, PUT, PATCH, POST, DELETE',
      'access-control-allow-origin': '*',
      'access-control-expose-headers': 'Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required',
      'access-control-max-age': '300',
      'cache-control': 'no-cache, no-store',
      'content-security-policy': "base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=Sample1234567890AbCdEfGhIjKlMnOpQrStUvWxYz",
      'idempotency-key': 'stripe-node-retry-12345678-abcd-9876-efgh-123456789012',
      'original-request': 'req_sample123AbCdEf',
      'request-id': 'req_sample123AbCdEf',
      'stripe-should-retry': 'false',
      'stripe-version': '2020-08-27',
      vary: 'Origin',
      'x-stripe-priority-routing-enabled': 'true',
      'x-stripe-routing-context-priority-tier': 'livemode-critical',
      'x-wc': 'ABCDE',
      'strict-transport-security': 'max-age=63072000; includeSubDomains; preload'
    },
    statusCode: 400,
    requestId: 'req_sample123AbCdEf'
  },
  rawType: 'invalid_request_error',
  code: 'insufficient_capabilities_for_transfer',
  doc_url: undefined,
  param: undefined,
  detail: undefined,
  headers: {
    server: 'nginx',
    date: 'Wed, 23 Apr 2025 00:00:00 GMT',
    'content-type': 'application/json',
    'content-length': '357',
    connection: 'keep-alive',
    'access-control-allow-credentials': 'true',
    'access-control-allow-methods': 'GET, HEAD, PUT, PATCH, POST, DELETE',
    'access-control-allow-origin': '*',
    'access-control-expose-headers': 'Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required',
    'access-control-max-age': '300',
    'cache-control': 'no-cache, no-store',
    'content-security-policy': "base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=Sample1234567890AbCdEfGhIjKlMnOpQrStUvWxYz",
    'idempotency-key': 'stripe-node-retry-12345678-abcd-9876-efgh-123456789012',
    'original-request': 'req_sample123AbCdEf',
    'request-id': 'req_sample123AbCdEf',
    'stripe-should-retry': 'false',
    'stripe-version': '2020-08-27',
    vary: 'Origin',
    'x-stripe-priority-routing-enabled': 'true',
    'x-stripe-routing-context-priority-tier': 'livemode-critical',
    'x-wc': 'ABCDE',
    'strict-transport-security': 'max-age=63072000; includeSubDomains; preload'
  },
  requestId: 'req_sample123AbCdEf',
  statusCode: 400,
  charge: undefined,
  decline_code: undefined,
  payment_intent: undefined,
  payment_method: undefined,
  payment_method_type: undefined,
  setup_intent: undefined,
  source: undefined,
  myCustomKeyToTest: true
}

First try

I deally I was hoping to do a rule like this:

extract_stripe_error_rule [^{]*?%{data:stripeError:json}.*

And it would see it as json, but because they keys don't have quotes around it, and single quotes are used, this is a JS object so that doesn't work.

Second try

extract_stripe_error_rule [^{]*?%{regex("[^}]*"):stripeError:keyvalue(": ")}.*

But this doesn't get the nested js object. And then some keys are turned into arrays.

Third try

To handle nested js objects, I see the first one is raw and then in here is raw.headers.

extract_standard_error_from_stripe_error_rule Stripe[a-zA-Z]+Error: %{regex("[^\\n]*"):error.message}\s*%{regex("[^{]*"):error.stack}%{regex(".*?"):stripeError:keyvalue(": ")}raw: \{%{regex(".*?"):stripeError.raw:keyvalue(": ")}headers: \{%{regex(".*?"):sripeError.raw.headers:keyvalue(": ")}\},\n%{regex(".*?"):stripeError.raw:keyvalue(": ")}\},\n%{regex(".*?"):stripeError:keyvalue(": ")}headers: \{%{regex(".*?"):stripeError.headers:keyvalue(": ")}\},\n%{regex(".*?"):stripeError:keyvalue(": ")}$

This now does extract things succesfully, however it creates arrays, as I had to repeat the parts around the nested objects. And also due to repition, some of the stuff is excluded, as you see myCustomKeyToTest is not included.

Improve this question
Related questions
1
Datadog | Parsing logs with grok parser
11
Datadog Grok Parsing - extracting fields from nested JSON
0
Grok pattern to extract specific data only from log
Load 1 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.