Provides an extension to Logstash JSON Encoder to mask sensitive contents of log events using rules like below:
<encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
<providers>
<timestamp>
<timeZone>UTC</timeZone>
</timestamp>
<provider class="com.premonition.logging.logback.MaskingMessageProvider">
<rules>
<rule>
<name>credit card</name>
<pattern>\d{13,18}</pattern>
<unmasked>4</unmasked>
<position>END</position>
</rule>
<rule>
<name>SSN</name>
<pattern>\d{3}-?\d{3}-?\d{4}</pattern>
</rule>
</rules>
</provider>
<stackTrace/>
<pattern>
<pattern>
{
"severity": "%level",
"thread": "%thread",
"class": "%logger{40}"
}
</pattern>
</pattern>
</providers>
</encoder>
tag | description |
---|---|
name |
an optional friendly name for the rule |
prefix |
an optional literal prefix preceding the actual search pattern |
suffix |
an optional literal suffix following the actual search pattern |
pattern |
a regular expression pattern to identify the personally identifiable information |
unmasked |
the number of characters to leave unmasked |
position |
the position of the mask |
<rule>
<pattern>\d{3}-?\d{3}-?\d{4}</pattern>
<unmasked>4</unmasked><!-- 4 digits will remain unmasked -->
<position>BEGIN</position><!-- mask position -->
</rule>
- input:
123-123-1234
- output:
********1234
<rule>
<pattern>\d{3}-?\d{3}-?\d{4}</pattern>
<unmasked>4</unmasked><!-- 4 digits will remain unmasked -->
<position>END</position><!-- mask position -->
</rule>
- input:
123-123-1234
- output:
123-********