Customization

Laritor is built to be highly configurable, so you can adapt it to your exact requirements.

Environment Variables

Feature	Environment Variable	Default	Description
Backend API Key	LARITOR_BACKEND_KEY	—	Ingest API key used by Laritor’s backend to authenticate event submissions.
Ingest Endpoint URL	LARITOR_INGEST_ENDPOINT	—	Full URL where events are sent for ingestion.
Enable / Disable Laritor	LARITOR_ENABLED	false	Temporarily pause all event collection without uninstalling.
Environment Name	LARITOR_ENV	APP_ENV value	Override the detected environment name.
Server Name	LARITOR_SERVER_NAME	Hostname	Set a custom server name (useful for serverless environments).
Max Events Per Occurrence	LARITOR_MAX_EVENTS_PER_OCCURRENCE	5000	Limit events per request/command to control usage.
Laravel Context	LARITOR_RECORD_CONTEXT	true	Capture Laravel 11+ context.
Database Schema Tracking	LARITOR_RECORD_DB_SCHEMA	true	Track schema for visualization & AI-based query optimization.
Log Level	LARITOR_LOG_LEVEL	debug	Minimum log level to capture (debug, info, error, etc.).
Record Query Bindings	LARITOR_RECORD_QUERY_BINDINGS	true	Include SQL query parameter values.
Record Query Strings	LARITOR_RECORD_QUERY_STRING	false	Capture HTTP query string parameters.
Request Headers	LARITOR_RECORD_REQUEST_HEADERS	false	Capture inbound request headers.
Request Body	LARITOR_RECORD_REQUEST_BODY	false	Capture inbound request body.
Response Headers	LARITOR_RECORD_REQUEST_RESPONSE_HEADERS	false	Capture inbound response headers.
Response Body	LARITOR_RECORD_REQUEST_RESPONSE_BODY	false	Capture inbound response body.
Outbound Request Headers	LARITOR_RECORD_OUTBOUND_REQUEST_HEADERS	false	Capture outbound request headers.
Outbound Request Body	LARITOR_RECORD_OUTBOUND_REQUEST_BODY	false	Capture outbound request body.
Outbound Response Headers	LARITOR_RECORD_OUTBOUND_REQUEST_RESPONSE_HEADERS	false	Capture outbound response headers.
Outbound Response Body	LARITOR_RECORD_OUTBOUND_REQUEST_RESPONSE_BODY	false	Capture outbound response body.
Rate Limit Requests	LARITOR_RATE_LIMIT_REQUESTS	false	Enable per-URL request sampling.
Requests per URL per Minute	LARITOR_RATE_LIMIT_REQUESTS_ATTEMPTS	—	Number of requests to record per URL per minute when rate limiting is enabled.

Filtering

By default, Laritor records every supported event. If you’d like to skip certain events like specific routes, jobs, or queries, you can define a custom filter class.

This gives you full control over what gets tracked and helps reduce noise, save storage, and stay compliant.

Step 1: Publish the Filter Override Class

Run the following artisan command to publish the filter override class.

php artisan make:laritor-filter

This command will create a new file in app/Laritor/LaritorDataFilter.php. You can override any of the methods in this class to return false for events you want to skip.

Step 2: Register the Override in AppServiceProvider

In your app/Providers/AppServiceProvider.php file, register the filter class in the boot() method as below:

public function boot(): void
{
    $this->app->bind(
        \BinaryBuilds\LaritorClient\Override\LaritorOverride::class,
        \App\Laritor\LaritorDataFilter::class
    );
}

✅ Done! Laritor will now call your custom filter class before recording each event.

Available Filter Overrides

Method	Description
recordRequest($request)	return false to ignore specific requests
recordQuery($query, $duration)	return false to ignore specific queries
recordException($e)	return false to ignore specific exceptions
recordQueuedJob($job)	return false to ignore specific queued jobs
recordMail($message)	return false to ignore specific mails
recordNotification($notifiable, $notification)	return false to ignore specific notifications
recordCommandOrScheduledTask($command)	return false to ignore specific command
recordOutboundRequest($url)	return false to ignore specific outbound request
recordCacheHit($cacheKey)	return false to ignore specific cache keys
recordTaskScheduler()	return false to ignore tracking health of task scheduler
isBot($request)	return true or false to determine whether a request is from bot

Filtering Examples

Ignore specific requests

public function recordRequest($request): bool
{
    $path = $request->path();

    if (
        $path === 'health' ||
        str_starts_with($path, 'telescope') ||
        str_starts_with($path, 'horizon') ||
        preg_match('/\.(js|css|jpg|jpeg|png|svg|gif|ico)$/i', $path)
    ) {
        return false;
    }

    return true;
}

Ignore specific queries

public function recordQuery($query, $duration): bool
{
    // Skip queries faster than 5ms
    if ($duration < 5) {
        return false;
    }

    // Ignore Telescope and Horizon-related queries
    if (preg_match('/\b(telescope_entries|horizon_jobs|horizon_tags)\b/i', $query)) {
        return false;
    }

    return true;
}

Ignore Specific Jobs

public function recordQueuedJob($job): bool
{
    if ($job instanceof BroadcastEvent)) {
        return false;
    }

    return true;
}

Mark Internal Bots As Not Bot

By default, Laritor will identify bot requests based on the user agent string and mark them as bot requests. If your internal applications such as a different app or microservices are making requests, They may be treated as bots. To avoid this, you can override the isBot method to not tag your internal requests as bots.

public function isBot($request): bool
{
    $ua = strtolower($request->userAgent());

    if (str_contains($ua, 'internal-bot')) {
        return false;
    }

    return parent::isBot($request);
}

Sampling & Rate Limits

If your application generates high traffic, you may not need to track every single one. Laritor allows per-URL sampling using built-in rate limiting. This helps reduce event volume, control costs, and keep your dashboards focused.

You can configure Laritor to only capture up to N requests per URL per minute. Any extra requests beyond the limit are dropped automatically.

How Sampling Works

When sampling is enabled:

• Laritor tracks how many times each unique URL (e.g., /api/users, /checkout) has been recorded in the current minute.
• Once the limit for a specific URL is reached, additional events for that URL are discarded until the next minute begins.
• Limits apply independently per URL, so critical endpoints are not throttled.

Enable Sampling

To enable request sampling, add the following environment variables to your .env file:

LARITOR_RATE_LIMIT_REQUESTS=true
LARITOR_RATE_LIMIT_REQUESTS_ATTEMPTS=5

In the example above:

• Laritor will record up to five requests per URL per minute.
• If your app receives 20 requests to /api/orders in one minute, only the first 5 are recorded.

Sampling Examples

URL	Requests Received (1 min)	Sampling Limit	Requests Recorded
/api/users	10	5	5
/api/orders	3	5	3
/checkout	15	5	5

Redacting

Laritor automatically redacts sensitive data before it leaves your servers. You can further customize the redaction logic by overriding the default redactor. This allows you to mask, replace, or remove data like email addresses, user information, IPs, and more tailored to your app’s privacy requirements.

Step 1: Publish the Redactor Override Class

Run the following artisan command to publish the redactor override class.

php artisan make:laritor-redactor

This command will create a new file in app/Laritor/LaritorDataRedactor.php. You can override any of the methods in this class to redact the data as per your needs.

Step 2: Register Your Redactor

In your app/Providers/AppServiceProvider.php, register the redactor in the boot() method as below:

public function boot(): void
{
    $this->app->bind(
        \BinaryBuilds\LaritorClient\Redactor\DataRedactor::class,
        \App\Laritor\LaritorDataRedactor::class
    );
}

✅ Once registered, Laritor will use your custom redactor for all outgoing data.

Available Redactors

Redactor Method	What it redacts	Use case
redactEmailAddress($email)	Email addresses	Replace or mask user emails
redactString($text)	Generic string values	Redact log lines, message bodies, etc.
redactArrayValue($key,$value)	Array key-value pairs	Redact keys like password, token, etc.
redactAuthenticatedUser(): array	Authenticated user details	Return only anonymized or partial data
redactIPAddress($ip)	IP addresses	Mask or remove client/server IPs
redactUserAgent($ua)	User-Agent header	Strip or normalize browser/device info

Redaction Examples

Redact Email Address

public function redactEmailAddress($address): string
{
    [$user, $domain] = explode('@', $address);
    return str_repeat('*', strlen($user)) . '@' . $domain;
}

Redact Sensitive Strings

public function redactString($text): string
{
    // Redact common tokens or credentials in text
    $patterns = [
        '/Bearer\s+[A-Za-z0-9\-_\.=]+/i' => '[REDACTED_TOKEN]',
        '/password\s*=\s*["\']?.+?["\']?/i' => 'password=[REDACTED]',
    ];

    return preg_replace(array_keys($patterns), array_values($patterns), $text);
}

Redact Arrays

Redact specific array keys from request payloads, query params, headers, etc.

public function redactArrayValue($key, $value): string
{
    $sensitiveKeys = [
        'password', 'token', 'access_token', 'refresh_token',
        'api_key', 'secret', 'authorization', 'auth_token',
    ];

    if (in_array(strtolower($key), $sensitiveKeys, true)) {
        return '*****';
    }

    return $value;
}

Customize / Redact Authenticated User

Customize / Redact the logged-in user’s personal data:

public function redactAuthenticatedUser(): array
{
    $user = Auth::user();

    return [
        'id' => $user?->id,
        'name' => $user?->id ? 'User #' . $user->id : null,
        'email' => $user?->id ? 'user' . $user->id . '@redacted.com' : null,
    ];
}

Bonus: Redact based on environment

public function redactString($text): string
{
    if (app()->environment('production')) {
        return '*REDACTED*';
    }

    return $text;
}

Send Additional Attributes For Authenticated User

If you wish to send more information for authenticated users like their role, team they belong to, Follow the below steps.

Step 1: Publish and register the custom redactor

Publish and register the custom redactor class if you haven’t already. Click here for instructions.

Step 2: Override the redactAuthenticatedUser method

Override the redactAuthenticatedUser method to pass additional user attributes as shown below.

id, name and email fields are required and must be included all time. For unauthenticated users, pass null for these fields

public function redactAuthenticatedUser(): array
{
    $user = Auth::user();

    if ($user) {
        return [
            'id' => $user->id,
            'name' => $user->name,
            'email' => $user->email,
            'team' => [
                'id' => $user->team->id,
                'name' => $user->team->name
            ],
            'role' => $user->role
        ];
    }

    return parent::redactAuthenticatedUser();
}

Recording Command Output

By default, Laritor captures basic information about Artisan commands such as their name, start and end times, exit code, and context. If you also want to record the command’s output, you can enable this on a per-command basis.

To do so, simply add the SendOutputToLaritor trait to your console command class:

<?php

namespace App\Console\Commands;

use Illuminate\Console\Command;
use BinaryBuilds\LaritorClient\SendOutputToLaritor;

class ImportUsers extends Command
{
    use SendOutputToLaritor;

    protected $signature = 'users:import';
    protected $description = 'Import users from external service';

    public function handle()
    {
        $this->info('Starting import...');

        // Import logic here

        $this->info('Import complete!');
    }
}

When this trait is included, Laritor will automatically capture and transmit all output generated by the command (including info, warn, error, comment, table, and other console messages) as part of the event data.

When to Use

• ✅ Useful for debugging failed or complex long-running commands.
• ✅ Helps correlate command logs with system events.

---

With these configuration options, you can fine-tune Laritor’s behavior to align with your application’s requirements, performance goals, and privacy policies.

If you need help with advanced customization or have a specific use case not covered in this guide, feel free to reach out. We’re happy to help!

Contact Us

Email: [email protected]

Join: Laritor Discord