清理Tomcat访问日志条目 [英] Sanitizing Tomcat access log entries

问题描述

在我们的日志中，我们看到由于一些人使用CC信息点击了我们应用中的某些ULR而导致的信用卡号(我不知道他们为什么这样做).我们要对这些信息进行清理(由于PCI的考虑)，甚至不将其持久化到磁盘上.

In our logs we're seeing credit-card numbers due to people hitting some of the ULRs in our app with CC info (I have no idea why they are doing this). We want to sanitize this information (because of PCI considerations) and not even persist it to disk.

因此，我希望能够在日志条目到达日志文件之前对其进行清理.我一直在寻找Tomcat Valves(Access Log Valve).这是要走的路吗?

Hence, I want to be able to sanitize the log entry before it hits the log file. I've been looking at Tomcat Valves (Access Log Valve). Is this the way to go?

推荐答案

我能够通过扩展

I was able to solve this problem by extending AccessLogValve and overriding public log(java.lang.String message):

public class SanitizedAccessLogValve extends AccessLogValve {

    private static Pattern pattern = Pattern.compile("\\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})\\b");

    /*
     This method will sanitize any cc numbers in the string and replace them with x's
    */
    private String sanitize(String string) {
        String sanitizedString = string;

        if(string != null) {

            StringBuffer buffer = new StringBuffer();
            Matcher matcher = pattern.matcher(string);

            while(matcher.find()) {
                MatchResult matchResult = matcher.toMatchResult();

                int start = matchResult.start();
                int end = matchResult.end();

                String matchedText = string.substring(start, end);

                matcher.appendReplacement(buffer, "xxxxxxxxxxxxxxxx");                
            }

            matcher.appendTail(buffer);

            sanitizedString = buffer.toString();
        }

        return sanitizedString;
    }

    @Override
    public void log(String message) {
        super.log(sanitize(message));
    }
}

您需要将其编译到jar中，然后将该jar文件放入$CATALINA_HOME/lib.

You need to compile this into a jar, and then put that jar file in $CATALINA_HOME/lib.

然后在您的server.xml中:

<Valve className="my.valves.SanitizedAccessLogValve"
       directory="access_logs"  prefix="localhost." suffix=".log"
       pattern='%v %h %t "%r" %s %B %T "%{User-Agent}i"'/>

这篇关于清理Tomcat访问日志条目的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！