重新配置日志以屏蔽特定的日志数据 [英] Logback configuration to mask specific log data
问题描述
我有一个Spring Boot Web应用程序,并且正在使用logback作为我的日志记录解决方案.我一直在浏览文档,找不到掩盖私人/特定数据(个人信息,信用卡号等)的简单或正确"方法.
I have a Spring Boot web app and am using logback as my logging solution. I have been looking through the documentation and cannot find an easy or 'correct' way to mask private/specific data (Personal info, credit card #s, etc.).
我能找到的最接近的是Logback过滤器,但是围绕这些过滤器的用例似乎更多地是省略了符合特定条件的日志,我只是想掩盖所有应用范围的日志.
The closest I have been able to find is Logback filters, however the use case around those seems to be more about omitting logs that match specific criteria, I am simply looking to mask all, application wide, logs.
这似乎是一个基本问题,我敢肯定我缺少一些超级基本的东西,但是任何对正确方向的推or或指向都非常感激.
This seems like such a basic question and I am certain I am missing something super basic, but any shove or point in the right direction is very much appreciated.
我也没有被锁定在logback中,因此,如果有一种更简单/更好的方法来使用log4j2进行此操作,例如,我很高兴
I am also not locked into logback so if there is an easier/better way to do this using log4j2 for example I am all ears
推荐答案
要屏蔽可配置字段,您需要创建如下的 MaskingPatternLayout
,
To mask configurable fields, you need to create MaskingPatternLayout
like below,
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import ch.qos.logback.classic.PatternLayout;
import ch.qos.logback.classic.spi.ILoggingEvent;
public class MaskingPatternLayout extends PatternLayout {
private String patternsProperty;
private Optional<Pattern> pattern;
public String getPatternsProperty() {
return patternsProperty;
}
public void setPatternsProperty(String patternsProperty) {
this.patternsProperty = patternsProperty;
if (this.patternsProperty != null) {
this.pattern = Optional.of(Pattern.compile(patternsProperty, Pattern.MULTILINE));
} else {
this.pattern = Optional.empty();
}
}
@Override
public String doLayout(ILoggingEvent event) {
final StringBuilder message = new StringBuilder(super.doLayout(event));
if (pattern.isPresent()) {
Matcher matcher = pattern.get().matcher(message);
while (matcher.find()) {
int group = 1;
while (group <= matcher.groupCount()) {
if (matcher.group(group) != null) {
final int startGrpIndex = matcher.start(group);
final int endGrpIndex = matcher.end(group);
final int diff = endGrpIndex - startGrpIndex + 1;
int startIndex = startGrpIndex + diff;
final int endIndex1 = message.indexOf(",", startIndex);
final int endIndex2 = message.indexOf(" ", startIndex);
final int endIndex3 = message.indexOf(")", startIndex);
final int endIndex4 = message.indexOf("\n", startIndex);
final Integer endIndex = getSmallestInt(
Arrays.asList(Integer.valueOf(endIndex1), Integer.valueOf(endIndex2), Integer.valueOf(endIndex3), Integer.valueOf(endIndex4)));
if (endIndex == null || endIndex <= 0) {
continue;
}
for (int i = startIndex; i < endIndex; i++) {
message.setCharAt(i, '*');
}
}
group++;
}
}
}
return message.toString();
}
private Integer getSmallestInt(List<Integer> integerList) {
return integerList.stream().filter(integer -> integer > 0).reduce((x, y) -> x < y ? x : y).get();
}
}
需要在logback.xml附加程序中添加编码器-
Need to add an encoder in logback.xml appenders -
<encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
<layout class="com.adgiants.config.MaskingPatternLayout">
<patternsProperty>(password)|(email)</patternsProperty>
<pattern>%d [%thread] %-5level %logger{35} - %msg%n</pattern>
</layout>
</encoder>
此配置将扫描您的所有日志语句,并匹配诸如"password"之类的词.或电子邮件"(无论您在 logback.xml 编码器中配置了哪个),其值将替换为 ****
This configuration will scan all your log statements and match for words like "password" or "email"(whichever you have configured in the logback.xml encoder), its values will be replaced with ****
例如
log.info("Received sign-up request, password=DummyPassword@123");
在上面的日志中,语句将显示为
In logs above statement will be shown as,
Received sign-up request, password=*****************
这篇关于重新配置日志以屏蔽特定的日志数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!