Log attacks

Author: bitterpanda63

agent_api/src/main/java/dev/aikido/agent_api/storage/AttackQueue.java

@@ -27,6 +27,13 @@ public static void attackDetected(Attack attack, ContextObject context) {
             StatisticsStore.incrementAttacksBlocked(attack.operation); // Also increment blocked attacks.
         }
 
+        // we want to log the attack at this stage, to make sure that even if it is only detected, we still see logs
+        if (ServiceConfigStore.getConfig().isBlockingEnabled()) {
+            logger.error("Blocking attack: %s", attack);
+        } else {
+            logger.error("Detected attack (Blocking disabled): %s", attack);
+        }
+
         // generate attack API event
         APIEvent detectedAttack = createAPIEvent(attack, context);
         add(detectedAttack);

agent_api/src/main/java/dev/aikido/agent_api/vulnerabilities/Attack.java

@@ -1,5 +1,6 @@
 package dev.aikido.agent_api.vulnerabilities;
 
+import com.google.gson.Gson;
 import dev.aikido.agent_api.context.User;
 
 import java.util.Map;
@@ -26,14 +27,7 @@ public Attack(String op, Vulnerabilities.Vulnerability vulnerability, String sou
 
     @Override
     public String toString() {
-        return "Attack{" +
-                "operation='" + operation + '\'' +
-                ", kind='" + kind + '\'' +
-                ", source='" + source + '\'' +
-                ", pathToPayload='" + pathToPayload + '\'' +
-                ", metadata=" + metadata +
-                ", payload='" + payload + '\'' +
-                ", stack='" + stack + '\'' +
-                ", user=" + user.id() + '}';
+        Gson gson = new Gson();
+        return gson.toJson(this);
     }
 }