report bans to traffic.out

[joelanders]

traffic.out is written to by ATS (not by any plugins) so you can't do it directly. but you can log the value of some http header to traffic.out and write to that header from a plugin.

copy/pasting from mattermost:

ok, re: adding a banjax-set field to the trafficserver-written deflect.log:

• patching trafficserver: looks like a bit of work
• adding some uuid to each document in deflect.log and banjax.log and doing a join somewhere in the ELK stack: doesn't seem possible in elasticsearch or kibana
• easiest solution: the would-be-nice thing i mentioned was some kind of key-value store you could assign to in banjax and then retrieve from in the ATS logging config -- turns out there's this thing called http headers which is such a store. our current deflect.log config looks like:

deflect_log = format {
  Format = '%<chi> %<caun> [%<cqtn>] \"%<cqhm> /%<cqup> %<cqhv>\" %<cqus> %<{Host}cqh> %<pssc> %<pscl> \"%<{User-Agent}cqh>\" %<crc> %<psct> %<pqsn> %<ttms> %<cquc> \"%<{Referer}cqh>\" \"%<{X-Forwarded-For}cqh>\"'
}

%<{X-Forwarded-For}cqh> gets the X-Forwarded-For header from the client's request. according to https://docs.trafficserver.apache.org/en/latest/admin-guide/logging/formatting.en.html?#admin-logging-fields-headers you can get a header from ATS's response to the client with %<{X-Some-Banjax-Header}psh>. are we ok with returning a X-Some-Banjax-Header: banned header to clients when they get banned? (we can omit it for non-banned requests). what about encoding the reason for banning?