I’ve been diving back into some Elixir projects this week; mostly small stuff. I updated Sentry and ensured it was logging at all the endpoints. Story time with this client…
Some six years ago I wired up Sentry to start tracking errors when this code base was fairly shiny and new; at the time I used free account associated with my work email. My thinking at the time was we could pilot Sentry then start a paid plan. I think the nature of this project, and Elixir in general is that it’s just fairly fault tolerant. Also, due to various priorities, budgeting, staffing, yadda, yadda I never took the time to dial Sentry in and filter the noise. Occasionally I’d dip into the account to look for a specific error, about half way through the month I’d get the email saying we’d hit our limit for the month and that was that.
I should note this is not a small client, this application is processing millions a day in revenue! On the one hand they should have been paying for Sentry years ago, but on the other hand I get it. Security is not slacking in this organization, their servers get more junk requests to stuff like /wp-admin then any other client I’ve ever worked with. This is, in no small part I believe, due to their rigorous use of bug bounty and associated white hat programs. (It’s a source of pride that this particular application has never been hacked and generally scores better than most of their tech in pen-tests).
It’s interesting how a tool that is so essential to modern web-development like Sentry can be omitted for years and years; I’m confident we could have continued just fine without it but I’m also betting that if we take the time to filter the noise this is going to make the customer happier and make our lives far more simple.