1 files changed, 7 insertions, 4 deletions

diff --git a/config/initializers/rack_attack_logging.rb b/config/initializers/rack_attack_logging.rb
index a95cb09755b..e89c6b1b794 100644
--- a/config/initializers/rack_attack_logging.rb
+++ b/config/initializers/rack_attack_logging.rb
@@ -5,13 +5,15 @@
 ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, request_id, payload|
   req = payload[:request]
 
-  if [:throttle, :blocklist].include? req.env['rack.attack.match_type']
+  case req.env['rack.attack.match_type']
+  when :throttle, :blocklist
     rack_attack_info = {
       message: 'Rack_Attack',
       env: req.env['rack.attack.match_type'],
       remote_ip: req.ip,
       request_method: req.request_method,
-      path: req.fullpath
+      path: req.fullpath,
+      matched: req.env['rack.attack.matched']
     }
 
     throttles_with_user_information = [
@@ -25,11 +27,12 @@ ActiveSupport::Notifications.subscribe(/rack_attack/) do |name, start, finish, r
       user_id = req.env['rack.attack.match_discriminator']
       user = User.find_by(id: user_id)
 
-      rack_attack_info[:throttle_type] = req.env['rack.attack.matched']
       rack_attack_info[:user_id] = user_id
-      rack_attack_info[:username] = user.username unless user.nil?
+      rack_attack_info['meta.user'] = user.username unless user.nil?
     end
 
     Gitlab::AuthLogger.error(rack_attack_info)
+  when :safelist
+    Gitlab::Instrumentation::Throttle.safelist = req.env['rack.attack.matched']
   end
 end