meziantou / Meziantou.Analyzer

A Roslyn analyzer to enforce some good practices in C#.


[NET8 Log Redaction] Detect direct logging of redacted information

LiorBanai opened this issue · comments

Is your feature request related to a problem? Please describe.

In .NET 8 Microsoft added redaction capabilities for logging. Example: https://andrewlock.net/redacting-sensitive-data-with-microsoft-extensions-compliance/

Describe the solution you'd like

I would like to have an analyzer that detects direct logging of properties that use redaction attributes.

Describe alternatives you've considered

There could be a step during compilation, but if it is possible to detect it as soon as possible it would be great.

Additional context

N/A

Great library. I'm using it in all of my projects.

Can you provide a small sample of what should be detected?

Let's say I do not want to log patient information in logs (but still log patient data) like:

    public partial class PatientInfo
    {
        [PiiData] public string PatientId { get; set; }
        public ulong RecordId { get; set; } // the record Id in the backend database
        [PiiData] public string FirstName { get; set; }
        [PiiData] public string MiddleName { get; set; }
        [PiiData] public string LastName { get; set; }
        public DateTimeOffset? ScheduledDate { get; set; } // UTC value
        public string Department { get; set; }
        public DateTimeOffset? DateOfBirth { get; set; } // UTC value
        [PiiData] public string MedicalRecordNumber { get; set; } // Same as Patient ID
    }

When using redaction and the LogProperties attribute as:

    [LoggerMessage(Level = LogLevel.Information, Message = "Patient Information {source}")]
    public static partial void LogPatient(ILogger logger, string source, [LogProperties] PatientInfo patient);

the properties with [PiiData] are redacted using:

    services.AddRedaction(x =>
    {
        x.SetRedactor<StarRedactor>(new DataClassificationSet(DataTaxonomy.SensitiveData));
        x.SetRedactor<StarRedactor>(new DataClassificationSet(DataTaxonomy.PiiData));
    });

which in the log is shown as:

{
	"@timestamp": "2023-12-22T18:18:26.0423257+02:00",
	"log.level": "Information",
	"message": "Patient Information method1",
	"ecs.version": "8.6.0",

	"labels": {
		"MessageTemplate": "Patient Information {source}",
		"patient.DateOfBirth": "24/06/1997 7:57:48 +00:00",
		"patient.Department": "Surgery",
		"patient.ScheduledDate": "21/12/2023 6:49:44 +02:00",
		"patient.MedicalRecordNumber": "**************************************",
		"patient.LastName": "**********************",
		"patient.MiddleName": "************************",
		"patient.FirstName": "**************************",
		"patient.PatientId": "***********************"
	}
}

But if I log direct properties like

    Logger.LogInformation("Patient name: {name}", patient.FirstName);

that will be logged. I would like to get a warning when I try to log any PII information (or any other redacted properties) like in the above line.

Something like: "FirstName is a redacted log property. Consider using the LogProperties attribute instead"

If I understood correctly, the new rule should detect the usage of any member (field, property, parameter) decorated with Microsoft.Extensions.Compliance.Classification.DataClassificationAttribute

    // Report the second argument
    logger.LogInformation("dummy", obj.PropertyDecoratedWithDataClassificationAttribute);
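As an added illustration of the rule described in the comment above (this is example code written for this page, not Meziantou.Analyzer's own implementation), the following Roslyn analyzer reports any argument of a logging call that reads a member decorated with an attribute deriving from Microsoft.Extensions.Compliance.Classification.DataClassificationAttribute. The diagnostic id DEMO0001, the class name and the message text are hypothetical; the only real APIs used are Roslyn's IOperation model and the two well-known type names resolved from the compilation. It goes slightly beyond the single case in the comment: it also sees through boxing conversions, the implicit params object[] array, string concatenation and interpolated strings, and it treats static [LoggerMessage]-style methods whose first parameter is an ILogger as logging calls too.

```csharp
// Added example, not Meziantou.Analyzer's code. Rule id "DEMO0001" is hypothetical.
using System.Collections.Immutable;
using System.Linq;
using Microsoft.CodeAnalysis;
using Microsoft.CodeAnalysis.Diagnostics;
using Microsoft.CodeAnalysis.Operations;

[DiagnosticAnalyzer(LanguageNames.CSharp)]
public sealed class ClassifiedDataLoggedAnalyzer : DiagnosticAnalyzer
{
    private const string DataClassificationAttributeName =
        "Microsoft.Extensions.Compliance.Classification.DataClassificationAttribute";
    private const string ILoggerName = "Microsoft.Extensions.Logging.ILogger";

    private static readonly DiagnosticDescriptor Rule = new(
        id: "DEMO0001", // hypothetical id, not a Meziantou.Analyzer rule id
        title: "Classified data is logged directly",
        messageFormat: "'{0}' is annotated with [{1}] and would be logged without redaction; " +
                       "pass the containing object with [LogProperties] instead",
        category: "Security",
        defaultSeverity: DiagnosticSeverity.Warning,
        isEnabledByDefault: true);

    public override ImmutableArray<DiagnosticDescriptor> SupportedDiagnostics => ImmutableArray.Create(Rule);

    public override void Initialize(AnalysisContext context)
    {
        context.EnableConcurrentExecution();
        context.ConfigureGeneratedCodeAnalysis(GeneratedCodeAnalysisFlags.None);
        context.RegisterCompilationStartAction(start =>
        {
            // Resolve the well-known types once per compilation; projects that do not
            // reference Microsoft.Extensions.Compliance or Microsoft.Extensions.Logging are skipped.
            var classification = start.Compilation.GetTypeByMetadataName(DataClassificationAttributeName);
            var logger = start.Compilation.GetTypeByMetadataName(ILoggerName);
            if (classification is null || logger is null)
                return;

            start.RegisterOperationAction(ctx => AnalyzeInvocation(ctx, classification, logger), OperationKind.Invocation);
        });
    }

    private static void AnalyzeInvocation(OperationAnalysisContext ctx, INamedTypeSymbol classification, INamedTypeSymbol logger)
    {
        var invocation = (IInvocationOperation)ctx.Operation;
        if (!IsLoggingCall(invocation, logger))
            return;

        foreach (var argument in invocation.Arguments)
        {
            // DescendantsAndSelf walks through the boxing conversion, the implicit params object[]
            // array, string concatenations and interpolated strings, so `patient.FirstName` is
            // found wherever it sits inside the argument expression.
            foreach (var op in argument.Value.DescendantsAndSelf())
            {
                var member = GetReferencedMember(op);
                if (member is null)
                    continue;

                var attr = member.GetAttributes().FirstOrDefault(a => DerivesFrom(a.AttributeClass, classification));
                if (attr is null)
                    continue;

                ctx.ReportDiagnostic(Diagnostic.Create(Rule, op.Syntax.GetLocation(), member.Name, attr.AttributeClass!.Name));
            }
        }
    }

    // A "logging call" is any invocation whose receiver is an ILogger: an instance method on the
    // logger, an extension method such as LoggerExtensions.LogInformation (the `this` parameter is
    // the first parameter of the unreduced method), or a static [LoggerMessage]-style method whose
    // first parameter is an ILogger.
    private static bool IsLoggingCall(IInvocationOperation invocation, INamedTypeSymbol logger)
    {
        var method = invocation.TargetMethod.ReducedFrom ?? invocation.TargetMethod;
        var receiverType = invocation.Instance?.Type
            ?? (method.Parameters.Length > 0 ? method.Parameters[0].Type : null);
        if (receiverType is null)
            return false;

        return SymbolEqualityComparer.Default.Equals(receiverType, logger)
            || receiverType.AllInterfaces.Any(i => SymbolEqualityComparer.Default.Equals(i, logger));
    }

    // The three member kinds named in the comment: property, field and parameter references.
    private static ISymbol? GetReferencedMember(IOperation op) => op switch
    {
        IPropertyReferenceOperation p => p.Property,
        IFieldReferenceOperation f => f.Field,
        IParameterReferenceOperation a => a.Parameter,
        _ => null,
    };

    // Matches [PiiData]-style attributes from a user-defined taxonomy, which derive from
    // DataClassificationAttribute rather than being that type itself.
    private static bool DerivesFrom(INamedTypeSymbol? type, INamedTypeSymbol baseType)
    {
        for (var t = type; t is not null; t = t.BaseType)
            if (SymbolEqualityComparer.Default.Equals(t, baseType))
                return true;
        return false;
    }
}
```

Two design points worth noting. First, the attribute check walks the base-type chain because the `[PiiData]` attribute in the thread above is defined by the application, not by the library; only its base class is the well-known Microsoft.Extensions.Compliance type. Second, walking all descendants of each argument is deliberately broad: it also flags `patient.FirstName.Length` or `string.IsNullOrEmpty(patient.FirstName)` inside a log call, which a production rule might want to narrow, but it guarantees that a classified value cannot slip through by being wrapped in a conversion, a concatenation or an interpolated string.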

Thanks for the fast solution. I'll give it a try and update