Recently I spent some time refactoring our error reporting system over at Cognoa. Since we store PHI (Personal Health Information) about our patients in our database, we have to be extremely careful about how we handle that data between systems. Any unintended leakage could potentially risk patient information so we have to meet strict guidelines in order to be HIPAA compliant.

A consequence of this is that our error reporting system needs to be self-hosted to ensure nothing leaks outside our system. We chose to use Errbit awhile ago because it is open-source and Airbrake API compliant -- meaning it's built to use a notifier gem that is maintained by Airbrake. Errbit is a simple Rails app, so it was easy to spin up an EC2 instance in our VPC, where the only traffic is coming from the application server. This solution solved 80% of our issues but can feel like there's a bit missing when compared to paid products like Airbrake or Honeybadger.

My biggest gripe was the user information -- I'm using Devise in my project and Airbrake says it automatically figures out the user attributes tab. The Errbit README even says it's in the latest version, but if you look through the Airbrake README, you'll find the user_attributes key was removed in version 5.0. The latest is 7.1.0. What to do?

After a very frustrating night looking through the source of airbrake, airbrake-ruby, and errbit, I found where the user attributes ran off to: notice_parser.rb#L71 in Errbit.

I was then able to write up an Airbrake filter that automatically detects the current user based on the session or header information and stick it into the notice and have Errbit display it. Since we're using Devise, the warden user information is available in the session. On the API side of things, we can rely upon HTTP token header authentication.

..and there you have it. Hope it helps, cheers!