| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Masking sensitive information while logging through log4j |
« View previous topic :: View next topic » |
| Author |
Message
|
| venkat5581 |
 Posted: Wed Jun 12, 2019 10:46 pm Post subject: Masking sensitive information while logging through log4j |
 |
|
Newbie
Joined: 12 Jun 2019
Posts: 2
|
Hi Friends,
I got an a requirement like we need to do masking sensitive information(Card number and CVV) while logging through log4j.
Can some one suggest me how can we achieve this requirement.
Thanks and Regards,
Venkat |
|
| Back to top |
|
 |
| Vitor |
| Posted: Thu Jun 13, 2019 4:54 am Post subject: Re: Masking sensitive information while logging through log4 |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| venkat5581 wrote: |
| Can some one suggest me how can we achieve this requirement. |
Why do you put such sensitive information in a plain text log in the first place? What value does it give you rather than (for example) a transaction number from which this sensitive information could be securely derived by a human? What's the actual requirement?
Mask the data before the flow makes the call to log4j.
Or write a custom logger.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| venkat5581 |
| Posted: Thu Jun 13, 2019 5:03 am Post subject: Re: Masking sensitive information while logging through log4 |
|
|
Newbie
Joined: 12 Jun 2019
Posts: 2
|
| Vitor wrote: |
| venkat5581 wrote: |
| Can some one suggest me how can we achieve this requirement. |
Why do you put such sensitive information in a plain text log in the first place? What value does it give you rather than (for example) a transaction number from which this sensitive information could be securely derived by a human? What's the actual requirement?
Mask the data before the flow makes the call to log4j.
Or write a custom logger. |
logging the sensitive information is our requirement into plain text.
We should not mask the information before calling log4j, when ever we are doing logging by calling log4j then only it should do mask. I got some info from other sites like we can do this in broker config file with filter function. but not getting exact code how can we use that function |
|
| Back to top |
|
|
| Vitor |
| Posted: Thu Jun 13, 2019 5:37 am Post subject: Re: Masking sensitive information while logging through log4 |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| venkat5581 wrote: |
| logging the sensitive information is our requirement into plain text. |
That's not a requirement; that's repeating your question using different words.
What requirement, what business need, is causing you to put sensitive data in a plain text log file rather than (for example) logging it to an audit database where it can be properly secured.
| venkat5581 wrote: |
| I got some info from other sites like we can do this in broker config file with filter function. but not getting exact code how can we use that function |
Post the links to these "other sites".
Log4j does not come supplied with the IBM software and is a 3rd party open source add on. The "broker config file" you seem to have read about isn't the config file for the broker, but is the log4j config file that is typically held at a broker rather than an EG level.
So it's possible to amend the log4j logger to perform this masking as I indicate above, but if you want details of that you'd be better served posting the question in a log4j forum. Broker has no part of that process, it just calls out to log4j like a Java or other application would.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
