是否可以使用 logstash-logback-encoder 部分屏蔽
is it possible to mask partially with logstash-logback-encoder
我必须在日志中屏蔽敏感信息,
但只是部分。
例如我需要更换电子邮件
'kate@example.com' 和 'k***@e***'
是否可以使用 logstash-logback-encoder 来做到这一点?
目前我用这个logback.xml:
<configuration>
<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="net.logstash.logback.encoder.LogstashEncoder">
<fieldNames>
<timestamp>timestamp</timestamp>
</fieldNames>
</encoder>
<!-- see https://github.com/logfellow/logstash-logback-encoder#identifying-field-values-to-mask-by-value -->
<encoder class="net.logstash.logback.encoder.LogstashEncoder">
<jsonGeneratorDecorator class="net.logstash.logback.mask.MaskingJsonGeneratorDecorator">
<value>(\w+@\w+\.\w+)</value>
<path>message/*</path>
</jsonGeneratorDecorator>
</encoder>
</appender>
<root level="info">
<appender-ref ref="CONSOLE"/>
</root>
</configuration>
然后我得到:
{"@timestamp":"2021-12-21T17:17:15.072+02:00","@version":"1","message":"email=********)]","logger_name":"org.ba.SpringLogginProcessingExampleApplication","thread_name":"main","level":"INFO","level_value":20000}
我更喜欢 LogEvent(email=k****@e*** vs email=****
是的。掩码可以在值正则表达式中引用捕获组。
像这样:
<valueMask>
<value>(\w)\w*@(\w)\w*\.(\w)\w*</value>
<mask>****@****.****</mask>
</valueMask>
我必须在日志中屏蔽敏感信息, 但只是部分。 例如我需要更换电子邮件 'kate@example.com' 和 'k***@e***' 是否可以使用 logstash-logback-encoder 来做到这一点?
目前我用这个logback.xml:
<configuration>
<appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="net.logstash.logback.encoder.LogstashEncoder">
<fieldNames>
<timestamp>timestamp</timestamp>
</fieldNames>
</encoder>
<!-- see https://github.com/logfellow/logstash-logback-encoder#identifying-field-values-to-mask-by-value -->
<encoder class="net.logstash.logback.encoder.LogstashEncoder">
<jsonGeneratorDecorator class="net.logstash.logback.mask.MaskingJsonGeneratorDecorator">
<value>(\w+@\w+\.\w+)</value>
<path>message/*</path>
</jsonGeneratorDecorator>
</encoder>
</appender>
<root level="info">
<appender-ref ref="CONSOLE"/>
</root>
</configuration>
然后我得到:
{"@timestamp":"2021-12-21T17:17:15.072+02:00","@version":"1","message":"email=********)]","logger_name":"org.ba.SpringLogginProcessingExampleApplication","thread_name":"main","level":"INFO","level_value":20000}
我更喜欢 LogEvent(email=k****@e*** vs email=****
是的。掩码可以在值正则表达式中引用捕获组。
像这样:
<valueMask>
<value>(\w)\w*@(\w)\w*\.(\w)\w*</value>
<mask>****@****.****</mask>
</valueMask>