How to edit confidential information from log4net?

Question

How to edit confidential information from log4net?

Some of the exception messages in our application contain credentials / private keys or other sensitive information that should not go into the error log. I would like to filter the content of the registered post before writing it so that known sensitive values and / or patterns can be replaced with [redacted] or some such text value. Several searches did not change anything. Is there a way to do this and apply it in a generic way across all configured applications?

I don't want to filter knowing where all these exceptions might occur and write exception handlers for that purpose. No exceptions are thrown by our code, so "don't" is not an option.

+3

.net log4net

jlew 12 Feb 13 at 20:35

source to share

2 answers

Sten Petrov · Answer 1 · 2013-02-12T20:38:22+0000

Very simple: don't put them there in the first place.

Of course, you can create regex and heuristics, etc. and run them periodically in your log - all of this will be subject to failure or sabotage.

And there is no reason to have passwords and private keys in logs

Ian Mercer · Answer 2 · 2013-02-13T01:30:29+0000

I would expect (but not try) that you could write BufferingAppender

based on here and could use a method override protected void Append(LoggingEvent loggingEvent)

to change the logingEvent to remove sensitive information.

How to edit confidential information from log4net?

More articles: